More Than 1,400 CrushFTP Servers at Risk Due to Critical Bug
A critical vulnerability in 1,400+ exposed CrushFTP servers has sparked major security concerns. Identified as CVE-2024-4040, this flaw (previously exploited as a zero-day) allows unauthenticated attackers to remotely execute code or access files on vulnerable systems. CrushFTP urgently recommends updates to prevent exploitation that could compromise system files.
Security analysts from Shadowserver have pinpointed 1,401 CrushFTP servers that remain unpatched and exposed online, with the highest numbers located in the United States (725), Germany (115), and Canada (108). Moreover, a total of 5,232 CrushFTP servers are visible on the internet, though it remains unclear how many are susceptible to this vulnerability.
Update your CrushFTP servers promptly to mitigate this critical vulnerability and protect your systems from potential cyber threats. Stay vigilant and ensure your defenses are up to date!