CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
Tenable
APRIL 23, 2024
An authenticated attacker with low privileges could exploit this vulnerability on a vulnerable CrushFTP server to escape the virtual file system (VFS) sandbox. Analysis CVE-2024-4040 is an improper input validation vulnerability in CrushFTP. Successful exploitation would allow an attacker to download system files.
Let's personalize your content