CrushFTP 11.0.1

CPE Details

CrushFTP 11.0.1
crushftp
crushftp
11.0.1
2024-04-26
13h48 +00:00
2024-04-26
13h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:crushftp:crushftp:11.0.1:*:*:*:*:*:*:*

Informations

Vendor

crushftp

Product

crushftp

Version

11.0.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-4040 2024-04-22 19h21 +00:00 A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
10
Critique