Patch Now! CrushFTP Zero-day Lets Attackers Download System Files | allinfosecnews.com

April 24, 2024, 2:41 p.m. | Livia Gyongyoși

Heimdal Security Blog heimdalsecurity.com

CrushFTP urges customers to patch servers with new versions due to discovering zero-day. The CrushFTP zero-day vulnerability is tracked tracked CVE-2024-4040 and enables hackers to escape VFS and download system files. Its CVSS is 9.8, which is critical. CrushFTP zero-day explained CrushFTP is vulnerable to a server-side template injection issue that affects versions before 10.7.1 […]

The post Patch Now! CrushFTP Zero-day Lets Attackers Download System Files appeared first on Heimdal Security Blog.

attackers critical crushftp customers cve cve-2024 cve-2024-4040 cvss cybersecurity news download escape explained files hackers injection issue patch server servers system template template injection vulnerability vulnerable zero-day zero-day vulnerability

More from heimdalsecurity.com / Heimdal Security Blog

Singing River Health System Ransomware Attack Affects Nearly 900,000 1 day, 15 hours ago | heimdalsecurity.com

attack august breach breached +18

Click to Hack? New LibreOffice Vulnerability Allows Threat Actors to Execute Malware With One Click 1 day, 17 hours ago | heimdalsecurity.com

attackers can click clicking +15

BreachForums Seized by the FBI! Investigations Ongoing 1 day, 20 hours ago | heimdalsecurity.com

breachforums corporate corporate data cybercriminals +18

SentinelOne vs. Sophos: Singularity XDR or Intercept X? (+ Alternative) 2 days, 20 hours ago | heimdalsecurity.com

cybersecurity cybersecurity solutions intercept latest +13

New Google Chrome Zero-Day in Less Than a Week. Update Your Browser Now! 2 days, 22 hours ago | heimdalsecurity.com

browser chrome chrome zero-day cve +23

Unpatched Vulnerability Causes Massive Helsinki Data Breach 3 days, 17 hours ago | heimdalsecurity.com

access a network attack breach +16

What Is a Jump Server? Definition and Safety Measures 3 days, 21 hours ago | heimdalsecurity.com

administrators box bridge bypass +16

CrowdStrike vs. Trend Micro: Which XDR Is Right for You? (+ Alternative) 4 days, 16 hours ago | heimdalsecurity.com

and response business crowdstrike cybersecurity +19

[Free & Downloadable] Access Control Policy Template -2024 4 days, 17 hours ago | heimdalsecurity.com

access access control aspect control +20

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com