
Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug


Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting the recently disclosed CVE-2024-4040 vulnerability.

Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks targeting the critical severity vulnerability CVE-2024-4040.

CVE-2024-4040 is a CrushFTP VFS sandbox escape vulnerability.

CrushFTP is file transfer server software that enables secure and efficient file transfer capabilities. It supports various features such as FTP, SFTP, FTPS, HTTP, HTTPS, WebDAV, and WebDAV SSL protocols, allowing users to transfer files securely over different networks. CrushFTP also provides support for automation, scripting, user management, and extensive customization options to meet the diverse needs of businesses and organizations.

In April, CrushFTP notified users of a virtual file system escape vulnerability impacting their FTP software, which could potentially enable users to download system files.

Simon Garrelou from the Airbus CERT discovered the vulnerability.

CrowdStrike researchers discovered that threat actors exploited the critical zero-day vulnerability in targeted attacks in the wild.

“On April 19, 2024, CrushFTP advised of a virtual file system escape present in their FTP software that could allow users to download system files. Falcon OverWatch and Falcon Intelligence have observed this exploit being used in the wild in a targeted fashion,” reads a post published by CrowdStrike on Reddit.

Security researchers from Shadowserver reported that at least 1400 vulnerable servers were exposed online as of April 24, 2024.

Most of the vulnerable servers are in the United States (725), followed by Germany (115), and Canada (108).


CISA this week added CVE-2024-4040 to its Known Exploited Vulnerabilities catalog.

Pierluigi Paganini
