THREATOPS
THREAT OPSCVEs › CVE-2024-4040

CVE-2024-4040 — CrushFTP VFS Sandbox Escape Vulnerability

CISA KEVExploited: confirmedCrushFTP

CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).

Vulnerability details