CVE-2024-4040 Scanner
CVE-2024-4040 scanner - Local File Inclusion (LFI) vulnerability in CrushFTP
Short Info
Level: Critical
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Time Interval: 792 sec
Scan only one: Domain, IPv4
CrushFTP is widely used by enterprises and individuals to manage and transfer files securely over the internet. It is favored for its robustness, extensive feature set, and cross-platform compatibility. Administrators use it to handle large volumes of file transfers efficiently. It supports various protocols such as FTP, SFTP, and WebDAV, ensuring flexibility in deployment. CrushFTP's Virtual File System (VFS) offers advanced permissions and access controls to enhance security.
The Local File Inclusion (LFI) vulnerability in CrushFTP allows attackers to access files on the server outside of the designated sandbox. This flaw can be exploited remotely by attackers with low privileges. Successful exploitation can lead to unauthorized access to sensitive data. It poses a critical security risk due to the potential exposure of confidential information.
The vulnerability resides in the VFS Sandbox component of CrushFTP, which fails to properly restrict file access. An attacker can exploit this flaw by sending crafted HTTP requests that include file paths. These requests bypass the sandbox restrictions and access files outside the intended directory. The vulnerability is present in the handling of ZIP file creation commands within the WebInterface. Both authenticated and unauthenticated exploitation paths are possible, depending on the attacker's privileges.
Exploitation of this vulnerability can lead to significant data breaches. Attackers may gain access to system files, configuration files, and other sensitive information. Unauthorized file access can compromise the confidentiality and integrity of data stored on the server. This breach could lead to further attacks, including privilege escalation and remote code execution. The impact can be severe, affecting both organizational operations and reputation.
By using the S4E platform, you can proactively detect and mitigate vulnerabilities like CVE-2024-4040 in your systems. Our platform offers comprehensive scanning capabilities, ensuring that your digital assets are secure from exploitation. Stay ahead of potential threats with timely alerts and detailed vulnerability reports. Benefit from our extensive knowledge base and expert recommendations to enhance your cybersecurity posture. Join us today to safeguard your critical data and maintain robust security across your infrastructure.