Skip to main content

CVE-2024-4040

Description

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.

NVD
Severity: CRITICAL
CVE ID: CVE-2024-4040
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
DirectCyber
Severity: CRITICAL
CVE ID: CVE-2024-4040
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVDMITRE

Proof Of Concept

airbus-cert

Scanner for CVE-2024-4040

Refrence: GitHub

tr4c3rs

CVE-2024-4040 (CrushFTP VFS escape) or (CrushFTP unauthenticated RCE)

Refrence: GitHub

tucommenceapousser

Scanner of vulnerability on crushftp instance

Refrence: GitHub

rbih-boulanouar

Refrence: GitHub

Mufti22

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.

Refrence: GitHub

Stuub

CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8