CVE-2024-4040
9.8CRITICALA server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside o
게시됨: 4/22/2024업데이트됨: 11/4/2025
CISA 알려진 악용 취약점
CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).
필요한 조치:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
마감일:
2024-05-01
설명
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
AI 분석AI 기반
영향받는 제품
crushftpcrushftp
crushftpcrushftp
참조
- https://github.com/airbus-cert/CVE-2024-4040ExploitThird Party Advisory
- https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/Press/Media CoverageThird Party Advisory
- https://www.crushftp.com/crush10wiki/Wiki.jsp?page=UpdatePatchVendor Advisory
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=UpdatePatchVendor Advisory
- https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/Third Party Advisory
- https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/ExploitIssue Tracking
- https://www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable/Issue TrackingPatch
- https://github.com/airbus-cert/CVE-2024-4040ExploitThird Party Advisory
- https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/Press/Media CoverageThird Party Advisory
- https://www.crushftp.com/crush10wiki/Wiki.jsp?page=UpdatePatchVendor Advisory
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=UpdatePatchVendor Advisory
- https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/Third Party Advisory
- https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/ExploitIssue Tracking
- https://www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable/Issue TrackingPatch
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4040US Government Resource