Lucene search
K

22 matches found

GithubExploit
GithubExploit
added 2026/05/08 8:36 a.m.124 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 — CrushFTP SSTI / LFI Proof of Concept For...

10CVSS6.2AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/07/04 2:30 p.m.100 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 — CrushFTP Authentication Bypass Exploit This r...

10CVSS7.8AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/07/04 2:30 p.m.142 views

Exploit for Path Traversal in Lakernote Easyadmin

CVE-2024-4040 — CrushFTP Authentication Bypass Exploit This r...

10CVSS8.3AI score0.99539EPSS
Exploits23
GithubExploit
GithubExploit
added 2024/09/30 4:18 p.m.257 views

Exploit for Code Injection in Crushftp

EN GenCrushSSTIExploit is a PoC exploit tool targeting the...

10CVSS8.3AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/05/03 11:29 p.m.332 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 A server side template injection vulnerability i...

10CVSS8.9AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/05/01 2:42 p.m.285 views

Exploit for Code Injection in Crushftp

CVE-2024-4040: CrushFTP File Read Vulnerability Overview...

10CVSS8.2AI score0.99539EPSS
Exploits22
Qualys Blog
Qualys Blog
added 2024/04/30 6:45 p.m.50 views

CrushFTP Zero-Day Exploitation Due to CVE-2024-4040

Vulnerability Scope & Details CrushFTP disclosed a zero-day vulnerability in their software on April 19, 2024. The vulnerability is published on CVE-2024-4040. Affected versions: 9.x versions before 10.7.1 11.1.0 The CVSS score is 9.8. The vulnerability allows remote attackers to bypass the VFS...

7.5CVSS7.9AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/04/30 1:27 p.m.383 views

Exploit for Code Injection in Crushftp

Exploit Code for CVE-2024-4040 Overview This exploit code t...

10CVSS10AI score0.99539EPSS
Exploits27
GithubExploit
GithubExploit
added 2024/04/29 10:21 a.m.410 views

Exploit for Code Injection in Crushftp

CVE-2024-4040-CrushFTP-server CrushFTP is a proprietary multi...

10CVSS10AI score0.99539EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2024/04/26 12:0 a.m.45 views

CrushFTP < 10.7.1 / 11.x < 11.1.0 Sandbox Escape (CVE-2024-4040) (Direct Check)

Binary data crushftpcve-2024-4040.nbin...

10CVSS9.6AI score0.99539EPSS
Exploits22References2
GithubExploit
GithubExploit
added 2024/04/25 7:51 p.m.512 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 SSTI & LFI PoC - Exploitation | CrushFTP This...

10CVSS9.9AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/04/25 7:51 p.m.463 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 SSTI & LFI PoC - Exploitation | CrushFTP This...

10CVSS9.9AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/04/25 5:18 a.m.484 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 A server side template injection vulnerability i...

10CVSS10AI score0.99539EPSS
Exploits22
GithubExploit
GithubExploit
added 2024/04/25 4:45 a.m.431 views

Exploit for Code Injection in Crushftp

It is an exploit module targeting Apache Log4j. The target produ...

10CVSS8.8AI score0.99539EPSS
Exploits22
Wiz blog
Wiz blog
added 2024/04/24 4:15 p.m.73 views

CVE-2024-4040 exploited in the wild: everything you need to know

Detect and mitigate CVE-2024-4040, a critical vulnerability in CrushFTP exploited in the wild. Organizations should patch urgently...

10CVSS7.2AI score0.99539EPSS
Exploits22
Rapid7 Blog
Rapid7 Blog
added 2024/04/23 3:26 p.m.58 views

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

Rapid7 vulnerability researcher Ryan Emmons contributed to this blog. On Friday, April 19, 2024, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 as well as legacy 9.x versions across al...

7.5CVSS10AI score0.99539EPSS
Exploits22
Circl
Circl
added 2024/04/23 12:1 p.m.6 views

CVE-2024-4040

creationtimestamp| type| source ---|---|--- 2024-04-23 12:01:56+00:00| seen| https://t.me/ctinow/216024 2024-04-23 12:36:17+00:00| published-proof-of-concept| https://t.me/CNArsenal/2367 2024-04-24 08:26:14+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7154 2024-04-24...

10CVSS7.1AI score0.99539EPSS
In wildExploits22References42
GithubExploit
GithubExploit
added 2024/04/23 9:31 a.m.527 views

Exploit for Code Injection in Crushftp

CVE-2024-4040 - exploit scanners This repository contains fil...

10CVSS8.1AI score0.99539EPSS
Exploits22
NVD
NVD
added 2024/04/22 8:15 p.m.17 views

CVE-2024-4040

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code...

10CVSS10AI score0.99539EPSS
Exploits22References8
Vulnrichment
Vulnrichment
added 2024/04/22 7:21 p.m.23 views

CVE-2024-4040 Unauthenticated arbitrary file read and remote code execution in CrushFTP

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code...

9.8CVSS8.7AI score0.99539EPSS
Exploits22References7
Rows per page
Query Builder