Lucene search
E63CF869-5DB0-5168-9FE9-3B9655B70B8FHistoryApr 30, 2024 - 1:27 p.m.
Exploit for Improper Neutralization of Special Elements Used in a Template Engine in Crushftp
2024-04-3013:27:34
189
code injection
crushftp
cve-2024-4040
unauthorized access
token validation
sessions.obj
remote attackers
vfs sandbox
authentication bypass
administrative access
remote code execution
md7
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.965
Percentile
99.6%
Exploit Code for CVE-2024-4040
Overview
This exploit code t…
This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.
Related
githubexploit
githubexploit
attackerkb
attackerkb
CVE-2024-4040
2024-04-22 00:00:00
CVE-2023-43177
2023-11-18 00:00:00
nvd
nvd
CVE-2023-43177
2023-11-18 00:15:07
CVE-2024-4040
2024-04-22 20:15:07
cve
cve
CVE-2023-43177
2023-11-18 00:15:07
CVE-2024-4040
2024-04-22 20:15:07
nuclei
nuclei
CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution
2023-12-12 09:13:40
CrushFTP VFS - Sandbox Escape LFR
2024-04-23 11:49:51
cvelist
cvelist
CVE-2023-43177
2023-11-17 00:00:00
vulnrichment
vulnrichment
CVE-2023-43177
2023-11-17 00:00:00
metasploit
metasploit
CrushFTP Unauthenticated RCE
2024-03-25 11:41:24
CrushFTP Unauthenticated Arbitrary File Read
2024-04-30 16:43:37
packetstorm
packetstorm
CrushFTP Remote Code Execution
2024-04-15 00:00:00
CrushFTP Unauthenticated Arbitrary File Read
2024-08-31 00:00:00
prion
prion
Design/Logic Flaw
2023-11-18 00:15:00
zdt
zdt
CrushFTP Remote Code Execution Exploit
2024-04-15 00:00:00
nessus
nessus
CrushFTP < 10.7.1 / 11.x < 11.1.0 Sandbox Escape (CVE-2024-4040)
2024-04-24 00:00:00
thn
thn
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
2024-04-20 05:18:00
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
2023-11-25 04:00:00
cisa_kev
cisa_kev
CrushFTP VFS Sandbox Escape Vulnerability
2024-04-24 00:00:00
rapid7blog
rapid7blog
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise
2024-04-23 15:26:06
Metasploit Wrap-Up 05/10/2024
2024-05-10 20:12:01
Metasploit Weekly Wrap-Up 04/19/24
2024-04-19 18:42:39
wizblog
wizblog
CVE-2024-4040 exploited in the wild: everything you need to know
2024-04-24 16:15:18
qualysblog
qualysblog
CrushFTP Zero-Day Exploitation Due to CVE-2024-4040
2024-04-30 18:45:58
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.965
Percentile
99.6%
Related for E63CF869-5DB0-5168-9FE9-3B9655B70B8F