
FTP Server Vulnerability Exploited by CVE-2024-4040 Zero-Day Attack

Unauthenticated attackers can completely take over CrushFTP servers due to the CVE-2024-4040 vulnerability. Learn how Qualys helps identify and mitigate this security risk.

Vulnerability in CrushFTP Leads to Unauthorized Access through CVE-2024-4040


CrushFTP, a popular file server that supports standard secure file transfer protocols, has announced a zero-day vulnerability that was disclosed on April 19, 2024. This vulnerability, identified as CVE-2024-4040, poses a significant risk as it allows for unauthenticated remote code execution.

The vulnerability has been given a CVSS score of 9.8, indicating a high severity. This means that the vulnerability is easily exploitable and could result in a serious impact on affected systems. The vulnerability allows remote attackers to bypass the VFS sandbox and access files outside their designated limits without authentication.

The affected versions of CrushFTP are all 9.x releases, 10.x releases before 10.7.1, and 11.x releases before 11.1.0. Customers must upgrade to v10.7.1, v11.1.0, or a later version to remediate this vulnerability. Update instructions are on CrushFTP's official website at https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update.
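To turn the affected and fixed version ranges above into a repeatable inventory check, the following Python is an added example (not code from the original article, from CrushFTP, or from Qualys). It assumes a constructed, whitespace-separated inventory of hostname, product and version, and applies only the ranges the article states: 9.x affected, 10.x fixed at 10.7.1, 11.x fixed at 11.1.0, anything later treated as fixed, and anything older than 9 reported as not covered by the advisory.

```python
# Added example: triage CrushFTP versions against the CVE-2024-4040 ranges
# given in the article. Host names and versions below are constructed.
import re
from typing import List, Tuple

# Fixed releases named in the advisory.
FIXED_10 = (10, 7, 1)
FIXED_11 = (11, 1, 0)

# Constructed sample inventory: "<host> <product> <version>" per line.
SAMPLE_INVENTORY = """\
ftp01.corp.example  CrushFTP v9.5.4
ftp02.corp.example  CrushFTP 10.7.0
ftp03.corp.example  CrushFTP 10.7.1
ftp04.corp.example  CrushFTP 11.0.2
ftp05.corp.example  CrushFTP 11.1.0
"""


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'v10.7.0' or '11.1' style strings into a (major, minor, patch) tuple."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts = (parts + [0, 0, 0])[:3]  # pad short versions such as '11.1' with zeros
    return parts[0], parts[1], parts[2]


def assess(text: str) -> str:
    """Return 'affected', 'fixed', or 'not-listed' for one version string."""
    v = parse_version(text)
    major = v[0]
    if major == 9:
        return "affected"                     # every 9.x release is affected
    if major == 10:
        return "affected" if v < FIXED_10 else "fixed"
    if major == 11:
        return "affected" if v < FIXED_11 else "fixed"
    if major > 11:
        return "fixed"                        # "v11.1.0 or a later version"
    return "not-listed"                       # pre-9 builds: the advisory does not cover them


def triage(inventory_text: str) -> List[Tuple[str, str, str]]:
    """Map each inventory line to (host, version, status)."""
    rows = []
    for line in inventory_text.splitlines():
        if not line.strip():
            continue
        host, _product, version = line.split()
        rows.append((host, version, assess(version)))
    return rows


def hosts_needing_upgrade(inventory_text: str) -> List[str]:
    """Hosts that must move to v10.7.1 / v11.1.0 or later."""
    return [host for host, _v, status in triage(inventory_text) if status == "affected"]


if __name__ == "__main__":
    for host, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:22} {version:8} {status}")
    print("upgrade required:", hosts_needing_upgrade(SAMPLE_INVENTORY))
```

Version strings are padded so that "11.1" compares equal to 11.1.0; pre-9 builds are deliberately reported as not listed rather than safe, because the article says nothing about them.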

Grandsoft, the company that develops CrushFTP, has acknowledged the vulnerability.

In addition, CISA added the vulnerability to the KEV Catalog on April 24, 2024. For Qualys users, QID 150884 was released on April 25 to detect the CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040); detections appear in the Qualys dashboard with Severity 4.

It's important to note that this vulnerability could potentially enable attackers to read sensitive files, posing a significant threat to organizations using CrushFTP. Therefore, prompt action is advised to ensure the security of your data.

CrushFTP offers features such as WebInterface customizations and monitoring, making it a valuable tool for many organizations. However, in light of this vulnerability, it's crucial to prioritize security updates to protect your data.

Stay vigilant and secure, and remember to keep your software up-to-date to safeguard against such threats.
