Lucene search
HistoryNov 18, 2023 - 12:15 a.m.
CVE-2023-43177
cve-2023-43177
crushftp
improperly controlled modification
dynamically-determined object attributes
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.959 High
EPSS
Percentile
99.5%
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.
Affected configurations
Node
crushftpcrushftpRange<10.5.2
Related
metasploit
metasploit
CrushFTP Unauthenticated RCE
2024-03-25 11:41:24
packetstorm
packetstorm
CrushFTP Remote Code Execution
2024-04-15 00:00:00
cve
cve
CVE-2023-43177
2023-11-18 00:15:07
cvelist
cvelist
CVE-2023-43177
2023-11-17 00:00:00
nuclei
nuclei
CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution
2023-12-12 09:13:40
attackerkb
attackerkb
CVE-2023-43177
2023-11-18 00:00:00
CVE-2024-4040
2024-04-22 00:00:00
githubexploit
githubexploit
prion
prion
Design/Logic Flaw
2023-11-18 00:15:00
zdt
zdt
CrushFTP Remote Code Execution Exploit
2024-04-15 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 04/19/24
2024-04-19 18:42:39
thn
thn
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
2023-11-25 04:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.959 High
EPSS
Percentile
99.5%
Related for NVD:CVE-2023-43177