Description
A critical server-side template injection (SSTI) vulnerability in CrushFTP enables unauthenticated attackers to read sensitive files outside the VFS Sandbox, bypass authentication to gain administrative access, and execute arbitrary code on the server.
Remediation
Upgrade to the latest version of CrushFTP.
Related Vulnerabilities
Liferay DXP Session Fixation Vulnerability (CVE-2023-47798)
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6752)
MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827)