Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
![Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks](https://www.ngtedu.co.in/heenachy/2024/04/Critical-Update-CrushFTP-Zero-Day-Flaw-Exploited-in-Targeted-Attacks.png)
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.
The post “Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks” appeared first on The Hacker News
Source:The Hacker News – [email protected] (The Hacker News)