Skip to content

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

  • by
ftp U1gOlN

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.

Leave a Reply

Your email address will not be published. Required fields are marked *