Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
qualysblogSheela SarvaQUALYSBLOG:27535DCAC2CEE4235B90AF2782EA0D94
HistoryApr 30, 2024 - 6:45 p.m.

CrushFTP Zero-Day Exploitation Due to CVE-2024-4040

2024-04-3018:45:58
Sheela Sarva
blog.qualys.com
25
crushftp
zero-day
exploitation
cve-2024-4040
remote code execution
cisa
kev catalog
qualys
qid 150884
upgrade

7.9 High

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

Vulnerability Scope & Details

CrushFTP disclosed a zero-day vulnerability in their software on April 19, 2024. The vulnerability is published on CVE-2024-4040.

Affected versions:

  • 9.x versions
  • before 10.7.1
  • 11.1.0

The CVSS score is 9.8.

The vulnerability allows remote attackers to bypass the VFS sandbox and access files outside their designated limits without authentication. The vulnerability was exploited to do unauthenticated remote code execution which resulted in attackers being able to read sensitive files.

CISA added the vulnerability to the KEV Catalog on April 24, 2024.

About the Vendor

CrushFTP is a file server supporting standard secure file transfer protocols. The software helps organizations configure with customizations using WebInterface along with monitoring.

Detecting the Vulnerability with Qualys WAS

Qualys released QID 150884: CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) on April 25th to detect the vulnerability.

The number of detections will increase in their dashboard under the Severity of '4'.

Solution

Customers are advised to upgrade to v11.1.0, v10.7.1, or a later version to remediate this vulnerability.

Credits

Related

thn 1
cisa_kev 1
githubexploit 13
nessus 2
cve 1
metasploit 1
wizblog 1
cvelist 1
rapid7blog 2
nvd 1
nuclei 1
attackerkb 1
thn
thn
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
2024-04-20 05:18:00
cisa_kev
cisa_kev
CrushFTP VFS Sandbox Escape Vulnerability
2024-04-24 00:00:00
githubexploit
githubexploit
Exploit for Code Injection in Crushftp
2024-04-23 09:31:29
Exploit for Code Injection in Crushftp
2024-04-25 04:01:23
Exploit for Code Injection in Crushftp
2024-04-25 19:51:38
nessus
nessus
CrushFTP < 10.7.1 / 11.x < 11.1.0 Sandbox Escape (CVE-2024-4040) (Direct Check)
2024-04-26 00:00:00
CrushFTP < 10.7.1 / 11.x < 11.1.0 Sandbox Escape (CVE-2024-4040)
2024-04-24 00:00:00
cve
cve
CVE-2024-4040
2024-04-22 20:15:07
metasploit
metasploit
CrushFTP Unauthenticated Arbitrary File Read
2024-04-30 16:43:37
wizblog
wizblog
CVE-2024-4040 exploited in the wild: everything you need to know
2024-04-24 16:15:18
cvelist
cvelist
CVE-2024-4040 Unauthenticated arbitrary file read and remote code execution in CrushFTP
2024-04-22 19:21:46
rapid7blog
rapid7blog
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise
2024-04-23 15:26:06
Metasploit Wrap-Up 05/10/2024
2024-05-10 20:12:01
nvd
nvd
CVE-2024-4040
2024-04-22 20:15:07
nuclei
nuclei
CrushFTP VFS - Sandbox Escape LFR
2024-04-23 11:49:51
attackerkb
attackerkb
CVE-2024-4040
2024-04-22 00:00:00

7.9 High

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON
Related for QUALYSBLOG:27535DCAC2CEE4235B90AF2782EA0D94
thn1cisa_kev1githubexploit13nessus2cve1metasploit1wizblog1cvelist1rapid7blog2nvd1nuclei1attackerkb1