COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-4040

CVE-2024-4040

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2024-04-24
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-4040
⌖ exploited in the wild shame 50/100 exploited-in-wild

CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).

Players implicated

CrushFTP · vendorCrushFTP · product

Description

CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.