Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday.

Apr 20, 2024 - 22:10
 0  7
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday.

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow

Joy Livingstone Experienced Information Technologist with a strong foundation in cybersecurity. Skilled in HTML, PHP, Python, and managing complex IT environments, with hands-on experience in resolving hardware and software issues, as well as designing secure web solutions. Proven ability to manage network security and implement firewalls and virus protection, with exposure to Splunk SIEM and malware analysis. Adept at delivering technical support and training, and committed to leveraging cybersecurity skills to drive organizational success.