April 19, 2024 at 06:36PM
CrushFTP issued a private memo warning about an actively exploited zero-day vulnerability. It enables attackers to escape the user’s file system and download system files. While servers using a DMZ perimeter network are protected, customers are urged to patch immediately. The vulnerability, reported on April 19th, affects CrushFTP versions 9 and 11 and is exploited in targeted attacks.
From the memo, it is clear that CrushFTP has identified an actively exploited zero-day vulnerability affecting its servers. The vulnerability allows unauthenticated attackers to access system files, and cybersecurity company CrowdStrike has confirmed that it is being exploited in targeted attacks.
CrushFTP has released new versions (10.7.1 and 11.1.0) that fix the vulnerability and has warned its customers to immediately patch their servers. It has also advised those using a DMZ perimeter network in front of their main instance that they are protected against attacks.
Furthermore, the company has encouraged customers still running CrushFTP v9 to upgrade to v11 or update their instance via the dashboard and has emphasized the importance of promptly applying the patch.
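To turn the patch guidance above into something a defender can run over an inventory, the following added example (not code from CrushFTP or from this article) classifies CrushFTP version strings against the fixed releases the memo names, 10.7.1 and 11.1.0. It assumes that any 9.x release is unfixed and must be moved to v11, as the memo advises, and that majors other than 9, 10 and 11 are out of scope; the hostnames and versions in the sample inventory are constructed.

```python
# Added example, not part of the CrushFTP memo or the article: triage an
# inventory of CrushFTP version strings against the fixed releases the memo
# names (10.7.1 and 11.1.0). The inventory below is constructed sample data.
from typing import Tuple

# Fixed versions per major line, as stated in the advisory summary.
FIXED = {10: (10, 7, 1), 11: (11, 1, 0)}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '11.0.3' (or '11.0.3_beta') into a comparable tuple of ints."""
    core = text.strip().split("_")[0].split("-")[0]
    return tuple(int(part) for part in core.split("."))


def assess(version: str) -> str:
    """Classify a version string as 'vulnerable', 'fixed' or 'unknown'.

    Assumptions: v9 has no fix and must move to v11; 10.x and 11.x are
    fixed at or above the versions in FIXED; other majors are not covered.
    """
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown"
    major = v[0]
    if major == 9:
        return "vulnerable"
    fixed = FIXED.get(major)
    if fixed is None:
        return "unknown"
    # Pad short versions ("10.7") so tuple comparison is meaningful.
    padded = v + (0,) * (len(fixed) - len(v))
    return "fixed" if padded >= fixed else "vulnerable"


def triage(inventory):
    """Return {'vulnerable': [...], 'fixed': [...], 'unknown': [...]}."""
    buckets = {"vulnerable": [], "fixed": [], "unknown": []}
    for host, version in inventory:
        buckets[assess(version)].append(host)
    return buckets


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = [
        ("ftp-01", "9.4.0"),
        ("ftp-02", "10.7.0"),
        ("ftp-03", "10.7.1"),
        ("ftp-04", "11.0.3"),
        ("ftp-05", "11.1.0"),
        ("ftp-06", "unknown"),
    ]
    for bucket, hosts in triage(sample).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Anything that lands in the "unknown" bucket (unparseable or an unexpected major) should be checked by hand rather than assumed safe; the point of the script is to shorten the list that needs manual attention, not to replace the vendor's instructions.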
Finally, CrushFTP users are advised to follow the vendor's website for the latest instructions and to prioritize patching to mitigate the risk associated with this zero-day vulnerability.