Lädt...


📰 CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)


Nachrichtenbereich: 📰 IT Security Nachrichten
🔗 Quelle: helpnetsecurity.com

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only if the solution’s WebInterface is exposed on the internet. According to Censys, there are currently 9,600+ publicly-exposed CrushFTP hosts (virtual & physical), mostly in North America and Europe. About CVE-2024-4040 CrushFTP sent out notices about … More

The post CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) appeared first on Help Net Security.

...

📰 Citrix warns admins to immediately patch NetScaler for actively exploited zero-days


📈 31.19 Punkte
📰 IT Security Nachrichten

📰 CrushFTP File Transfer Vulnerability Lets Attackers Download System Files


📈 30.73 Punkte
📰 IT Security Nachrichten

📰 Over 1,400 CrushFTP servers vulnerable to actively exploited bug


📈 30.1 Punkte
📰 IT Security Nachrichten

🕵️ CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog


📈 30.1 Punkte
🕵️ Hacking

🕵️ CrushFTP Vulnerability Exploited in Wild to Execute Remote Code


📈 30.1 Punkte
🕵️ Hacking

📰 Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)


📈 26.4 Punkte
📰 IT Security Nachrichten

📰 Curious how do attackers know immediately


📈 25.96 Punkte
📰 IT Security Nachrichten

📰 Patch Immediately! Critical Exchange Server Vulnerability Actively Exploited


📈 25.33 Punkte
📰 IT Security Nachrichten

📰 Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)


📈 24.18 Punkte
📰 IT Security Nachrichten

📰 Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)


📈 24.18 Punkte
📰 IT Security Nachrichten

📰 Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)


📈 24.18 Punkte
📰 IT Security Nachrichten

📰 Three reasons why you shouldn't immediately upgrade to iOS 10


📈 24.02 Punkte
📰 IT Security Nachrichten

📰 Three reasons why you shouldn't immediately upgrade to iOS 10


📈 24.02 Punkte
📰 IT Security Nachrichten

📰 Critical vulnerabilities in upgrade component in Dell; update immediately


📈 24.02 Punkte
📰 IT Security Nachrichten

🕵️ CrushFTP bis 8.1.x Serialized unbekannte Schwachstelle [CVE-2017-14035]


📈 22.37 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP bis 7.7.x/8.1.x Cross Site Scripting [CVE-2017-14036]


📈 22.37 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP up to 7.7.x/8.1.x Open Redirect [CVE-2017-14038]


📈 22.37 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP up to 7.7.x/8.1.x cross site scripting [CVE-2017-14036]


📈 22.37 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP up to 8.1.x Serialized unknown vulnerability [CVE-2017-14035]


📈 22.37 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2021-44076 | CrushFTP 9 Most Visited Section cross site scripting


📈 22.37 Punkte
🕵️ Sicherheitslücken

⚠️ #0daytoday #CrushFTP Remote Code Execution Exploit CVE-2023-43177 [remote #exploits #0day #Exploit]


📈 22.37 Punkte
⚠️ PoC

🕵️ CVE-2023-43177 | CrushFTP up to 10.5.0 Object Attribute dynamically-managed code resources


📈 22.37 Punkte
🕵️ Sicherheitslücken

📰 CISA emergency directive: Mitigate Ivanti zero-days immediately


📈 22.36 Punkte
📰 IT Security Nachrichten

🕵️ CrushFTP bis 7.7.x/8.1.x HTTP Header unbekannte Schwachstelle


📈 21.26 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP bis 7.7.x/8.1.x Redirect


📈 21.26 Punkte
🕵️ Sicherheitslücken

🕵️ Ben Spink CrushFTP Server up to 2.1.6 Command GET/CD/NLST/SIZE/RETR directory traversal


📈 21.26 Punkte
🕵️ Sicherheitslücken

🕵️ CrushFTP up to 7.7.x/8.1.x HTTP Header unknown vulnerability


📈 21.26 Punkte
🕵️ Sicherheitslücken

📰 Exploit for CrushFTP RCE chain released, patch now


📈 21.26 Punkte
📰 IT Security Nachrichten

📰 CrushFTP: Exploit gefährdet zahlreiche Server, Patch verfügbar


📈 21.26 Punkte
📰 IT Security Nachrichten

🕵️ CrushFTP: Exploit gefährdet zahlreiche Server, Patch verfügbar - WinFuture


📈 21.26 Punkte
🕵️ Hacking

💾 CrushFTP Remote Code Execution


📈 21.26 Punkte
💾 IT Security Tools

⚠️ CrushFTP Remote Code Execution


📈 21.26 Punkte
⚠️ PoC

📰 Jetzt patchen! Attacken auf Dateiübertragungsserver CrushFTP beobachtet


📈 21.26 Punkte
📰 IT Security Nachrichten

📰 Jetzt patchen! Attacken auf Dateiübertragungsserver CrushFTP beobachtet


📈 21.26 Punkte
📰 IT Security Nachrichten

matomo