CrushFTP warns users to patch exploited zero-day “immediately”

April 19, 2024 at 06:36PM CrushFTP issued a private memo warning about an actively exploited zero-day vulnerability. It enables attackers to escape the user’s file system and download system files. While servers using a DMZ perimeter network are protected, customers are urged to patch immediately. The vulnerability, reported on April 19th, affects CrushFTP versions 9 … Read more