CrushFTP: CVE-2024-4040: Improper Neutralization of Special Elements Used in a Template Engine
| Severity | CVSSv2 vector | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 22, 2024 | Apr 24, 2024 | Dec 1, 2025 |
Description
A server-side template injection vulnerability in CrushFTP, affecting every release before 10.7.1 and every 11.x release before 11.1.0 on all platforms, allows unauthenticated remote attackers to read files from the filesystem outside of the VFS sandbox, bypass authentication to gain administrative access, and execute code on the server.
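As an added example (not part of this advisory and not CrushFTP's own code), the following Python check applies the affected-version boundaries stated above to an inventory of installed versions, so that a defender can quickly list which hosts still need the upgrade. The hostnames and versions in the sample inventory are constructed, and the handling of a trailing build suffix such as `_3` is an assumption about how CrushFTP version strings may be reported.

```python
import re
from typing import List, Tuple

# Fixed releases as stated in the advisory: everything before 10.7.1 is
# affected (this includes 9.x and earlier), and 11.x releases before 11.1.0.
FIXED_10 = (10, 7, 1)
FIXED_11 = (11, 1, 0)

# Constructed sample inventory (hostname, version as reported by the admin UI).
SAMPLE_INVENTORY = [
    ("ftp-01.example.internal", "10.6.0"),
    ("ftp-02.example.internal", "10.7.1"),
    ("ftp-03.example.internal", "11.0.5_3"),   # build suffix: assumed format
    ("ftp-04.example.internal", "11.1.0"),
    ("legacy-ftp.example.internal", "9.5.2"),
]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse a version string such as '10.7.1' or '11.0.5_3' into a
    (major, minor, patch) tuple. A trailing build suffix (assumed to be
    separated by '_') is ignored; missing components default to 0."""
    m = re.match(r"\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(g) if g is not None else 0 for g in m.groups())
    return major, minor, patch


def is_vulnerable(version: str) -> bool:
    """True if the given CrushFTP version falls inside the affected ranges
    from the advisory: < 10.7.1 for the 10.x line and earlier, < 11.1.0 for 11.x."""
    v = parse_version(version)
    if v[0] >= 11:
        return v < FIXED_11
    return v < FIXED_10


def affected_hosts(inventory: List[Tuple[str, str]]) -> List[str]:
    """Return the hostnames whose recorded version is still affected."""
    return [host for host, version in inventory if is_vulnerable(version)]


if __name__ == "__main__":
    for host, version in SAMPLE_INVENTORY:
        status = "VULNERABLE" if is_vulnerable(version) else "fixed"
        print(f"{host:32} {version:10} {status}")
```

The comparison is done on integer tuples rather than on the raw strings so that `10.10.0` sorts after `10.7.1`; a plain string comparison would get that wrong.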
Solution
Upgrade CrushFTP to 10.7.1 or later (10.x line) or 11.1.0 or later (11.x line). Rapid7 solution ID: crushftp-crushftp-upgrade-latest
References
- CWE-1336
- CWE-94
- CVE-2024-4040
- https://attackerkb.com/topics/CVE-2024-4040
- https://github.com/airbus-cert/CVE-2024-4040
- https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/
- https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
- https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/
- https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/
- https://www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable/