globe with a red arrow through the middle, and dark blue text saying Direct Cyber

VFS Sandbox Escape in CrushFTP

Credit

Simon Garrelou, of Airbus CERT

Details

CVE-2024-4040

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox. It is being actively exploited in the wild by APT actors.

References

  1. Vendor advisory from CrushFTP
  2. Crowdstrike Situational Awareness