DirectcyberCVELIST:CVE-2024-4040CVE-2024-4040 Unauthenticated arbitrary file read and remote code execution in CrushFTP
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.6%
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
CNA Affected
[
{
"collectionURL": "https://www.crushftp.com/download.html",
"defaultStatus": "affected",
"product": "CrushFTP",
"vendor": "CrushFTP",
"versions": [
{
"lessThan": "10.7.1",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "11.1.0",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
}
]References
github.com/airbus-cert/CVE-2024-4040
www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/
www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/
www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/
www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable/
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.6%