{"vulnerability": "CVE-2024-4040", "sightings": [{"uuid": "2fda9fc1-2a98-417e-a66d-fad58ef6114e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-04-24T18:10:03.000000Z"}, {"uuid": "b58b9988-1db2-464c-a27e-4bdbc81d95ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "39286bbe-9241-4d4b-8509-7a1462ad4721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "80888aaf-2a1b-410d-8585-ae2526b8344a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-17)", "content": "", "creation_timestamp": "2025-01-17T00:00:00.000000Z"}, {"uuid": "c640521e-3549-4f20-aa94-7d221a1ccd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-23)", "content": "", "creation_timestamp": "2024-12-23T00:00:00.000000Z"}, {"uuid": "af01e500-3998-4660-bf5e-95cecec8b378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-30)", "content": "", "creation_timestamp": "2024-12-30T00:00:00.000000Z"}, {"uuid": "162a58c3-e3bf-4165-942c-459d27312400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "805a8793-888d-4a76-baba-d2ccbd14a89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "ee1e9253-e8a8-4c74-9b96-5d652a97d772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "64e4bfe0-b8d8-41ac-91a8-8e8432ff84e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "789c68d5-8aa3-4f33-8dd7-700ceaa89e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:54.000000Z"}, {"uuid": "29340cde-9411-40d6-b658-f133d7ff12ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-28)", "content": "", "creation_timestamp": "2025-08-28T00:00:00.000000Z"}, {"uuid": "744a7578-76b1-4039-a5ca-00db8b78c742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "ede4c182-084b-4682-9291-432d4b8e1130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/crushftp_fileread_cve_2024_4040.rb", "content": "", "creation_timestamp": "2024-05-07T14:03:06.000000Z"}, {"uuid": "4f35a0bd-fa3b-4ac2-905d-395b9d718d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "924306a4-3ac1-40da-9443-18828b516f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3luhdnmcxhs2w", "content": "", "creation_timestamp": "2025-07-21T06:15:38.972392Z"}, {"uuid": "4dafedd1-1bb4-4544-89e6-5707c5c09276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:12.000000Z"}, {"uuid": "92ce9f30-f12a-4e0f-abaa-dbc45e635c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mga2m5gbz223", "content": "", "creation_timestamp": "2026-03-04T10:18:31.553582Z"}, {"uuid": "1b8a2a30-c5fd-4d50-846a-02a327af7451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "b4f5346b-053a-4737-83e5-b4a81213bd84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/89273c87-aa73-4f7a-a840-c748fde773b0", "content": "", "creation_timestamp": "2026-02-02T12:26:37.615777Z"}, {"uuid": "6225d0f2-5548-467d-bdeb-4baa549654ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7871", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4040 PoC\nURL\uff1ahttps://github.com/truonghuuphuc/CVE-2024-39943-Poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-05T07:12:36.000000Z"}, {"uuid": "0719712e-8e75-4fd3-ad2d-7a2529e1bfa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "c9de5bb8-e373-40f5-837c-7823eb2ccd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7294", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support\nURL\uff1ahttps://github.com/1ncendium/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-13T17:35:27.000000Z"}, {"uuid": "a32bc676-e522-44fc-ae71-4d0f89d1c5fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7870", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4040 PoC\nURL\uff1ahttps://github.com/entroychang/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-05T05:48:43.000000Z"}, {"uuid": "9897de5b-9435-48c3-b362-38c2565a2aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7146", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aScanner for CVE-2024-4040\nURL\uff1ahttps://github.com/airbus-cert/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-24T09:33:27.000000Z"}, {"uuid": "6fc27b7c-2c42-4aa4-a90c-94c1fcbfef8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/5CPDoGea4VxlGpUWdnippgkEikQaqjZZ0eR1kfQrZYnd55E", "content": "", "creation_timestamp": "2025-11-06T15:00:06.000000Z"}, {"uuid": "0eb2673b-18a4-47d6-9adb-8657f9df03da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7188", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit CrushFTP CVE-2024-4040\nURL\uff1ahttps://github.com/Mohammaddvd/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-30T13:49:40.000000Z"}, {"uuid": "35c8ab3c-70c5-4332-b4d8-384237e809ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7173", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover\nURL\uff1ahttps://github.com/Stuub/CVE-2024-4040-SSTI-LFI\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-04-25T20:31:06.000000Z"}, {"uuid": "19b62d0d-512d-470a-9856-2b83cfdcd3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7154", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4040 (CrushFTP VFS escape) or (CrushFTP unauthenticated RCE)\nURL\uff1ahttps://github.com/tr4c3rs/CVE-2024-4040-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-24T08:26:14.000000Z"}, {"uuid": "f558a60d-75b0-4e2d-bc35-1d8e922952ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7172", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover\nURL\uff1ahttps://github.com/Stuub/Crushed-CVE-2024-4040-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-25T20:18:44.000000Z"}, {"uuid": "62b65e8e-1223-400e-ac74-b60244dbccff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/571", "content": "#exploit\n1. CVE-2023-41538:\nphpjabbers PHP Forum XSS\nhttps://github.com/codeb0ss/CVE-2023-41538-PoC\n\n2. Exploiting the EvilVideo vulnerability on Telegram for Android\nhttps://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android\n\n3. CVE-2024-4040:\nCrushFTP VFS Sandbox Escape\nhttps://github.com/airbus-cert/CVE-2024-4040", "creation_timestamp": "2024-07-24T02:35:45.000000Z"}, {"uuid": "67919b0d-2917-4f82-97ac-6c3521295a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "d5437545-be1a-4015-933f-1e817dfdd161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8649", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1ais a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP\nURL\uff1ahttps://github.com/geniuszlyy/GenCrushSSTIExploit\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-30T16:21:58.000000Z"}, {"uuid": "c8a506c2-5368-4a18-953c-72d6309d6529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7209", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27956 WORDPRESS RCE PLUGIN\nURL\uff1ahttps://github.com/gotr00t0day/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-03T23:32:23.000000Z"}, {"uuid": "5b7df3b1-4746-4e94-bd27-ff131ae4620b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7293", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support\nURL\uff1ahttps://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-13T17:06:26.000000Z"}, {"uuid": "8fc7194c-28d4-40c8-a819-3fa1bdd86e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "https://t.me/itsec_news/5610", "content": "\u200b\u26a1\ufe0f\u0425\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0445\u043e\u0434\u044f\u0442 \u0431\u0435\u0437 \u0432\u0445\u043e\u0434\u0430: CrushFTP v11 \u043e\u0442\u043a\u0440\u044b\u0442 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\n\n\ud83d\udcac CrushFTP \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 HTTP(S)-\u043f\u043e\u0440\u0442\u044b. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u0438\u0441\u044c\u043c\u0443, \u0440\u0430\u0437\u043e\u0441\u043b\u0430\u043d\u043d\u043e\u043c\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c 21 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043e \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 CrushFTP v11. \u0420\u0430\u043d\u0435\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u043f\u0438\u0441\u044c\u043c\u0430, \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043d\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0440\u0435\u0447\u0438\u0442 \u044d\u0442\u043e\u043c\u0443 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044e \u2014 \u0432 \u043d\u0435\u0439 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 v10. \u041f\u0435\u0440\u0432\u044b\u043c\u0438 \u043e\u0431 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Rapid7, \u0447\u0442\u043e \u0432\u044b\u0437\u0432\u0430\u043b\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043e\u0431\u0435\u0441\u043f\u043e\u043a\u043e\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0421\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e HTTP(S)-\u043f\u043e\u0440\u0442\u0430 \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0431\u0435\u0437 \u043f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0420\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u043b\u0438\u0431\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 CrushFTP v11.3.1 \u0438 \u0432\u044b\u0448\u0435, \u043b\u0438\u0431\u043e \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 DMZ, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440 \u0432 \u0434\u0435\u043c\u0438\u043b\u0438\u0442\u0430\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0437\u043e\u043d\u0435 \u0438 \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430, \u0447\u0442\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0441\u0440\u043e\u0447\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435. \u0414\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c DMZ-\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. CrushFTP \u043f\u043e\u043e\u0431\u0435\u0449\u0430\u043b\u0430 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 CVE, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0435\u0451 \u0441\u0442\u0430\u0442\u0443\u0441 \u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0431\u043e\u043b\u0435\u0435 3400 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CrushFTP \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0438\u043c\u0435\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0438\u0448\u0435\u043d\u044f\u043c\u0438. \u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043d\u0438\u0445 \u0443\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u042d\u0442\u043e \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043a\u043e\u0433\u0434\u0430 CrushFTP \u0441\u0442\u0430\u043b\u043a\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0441 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0412 \u0430\u043f\u0440\u0435\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (CVE-2024-4040), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438. \u0422\u043e\u0433\u0434\u0430 \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043e\u0431\u0445\u043e\u0434 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432. \u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u0440\u043e\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-26T08:49:37.000000Z"}, {"uuid": "bacad112-4180-4658-9719-a1edc28e4ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/OollRHxvoptfGlV2c1gbdC6jSDWMy1y9qQszI5U7KKS9Kqc", "content": "", "creation_timestamp": "2025-07-04T21:00:04.000000Z"}, {"uuid": "a271d774-9622-4b02-968e-5486018729cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40400", "type": "seen", "source": "https://t.me/cvedetector/1229", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40400 - Automad RCE Through File Upload\", \n  \"Content\": \"CVE ID : CVE-2024-40400 \nPublished : July 19, 2024, 7:15 p.m. | 42\u00a0minutes ago \nDescription : An arbitrary file upload vulnerability in the image upload function of Automad v2.0.0 allows attackers to execute arbitrary code via a crafted file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-19T22:03:44.000000Z"}, {"uuid": "0997cfe4-8a9f-4832-b889-c36f0e9d18b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40407", "type": "seen", "source": "https://t.me/cvedetector/10902", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40407 - Thinfinity Workspace Full Path Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-40407 \nPublished : Nov. 13, 2024, 11:15 p.m. | 24\u00a0minutes ago \nDescription : A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T00:46:11.000000Z"}, {"uuid": "b38e3b76-a2a7-461f-b25a-659dece952c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40405", "type": "seen", "source": "https://t.me/cvedetector/10901", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40405 - Thinfinity Workspace Unsecured Access Control Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-40405 \nPublished : Nov. 13, 2024, 11:15 p.m. | 24\u00a0minutes ago \nDescription : Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T00:46:11.000000Z"}, {"uuid": "6f63ba4e-fc91-49f9-aa2e-75826248fa3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40408", "type": "seen", "source": "https://t.me/cvedetector/10899", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40408 - Cybele Software Thinfinity Workspace Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-40408 \nPublished : Nov. 13, 2024, 11:15 p.m. | 24\u00a0minutes ago \nDescription : Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T00:46:09.000000Z"}, {"uuid": "9ad32c09-c7d9-4608-81bf-7041ad2530dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40404", "type": "seen", "source": "https://t.me/cvedetector/10900", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40404 - Cybele Software Thinfinity Workspace Web Socket Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40404 \nPublished : Nov. 13, 2024, 11:15 p.m. | 24\u00a0minutes ago \nDescription : Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T00:46:10.000000Z"}, {"uuid": "ba5763e1-e1fb-4494-ae4d-a594f51f8be4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7053", "content": "#exploit \n\n1. CVE-2023-41538:\nphpjabbers PHP Forum XSS\nhttps://github.com/codeb0ss/CVE-2023-41538-PoC\n\n2. Exploiting the EvilVideo vulnerability on Telegram for Android\nhttps://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android\n\n3. CVE-2024-4040:\nCrushFTP VFS Sandbox Escape\nhttps://github.com/airbus-cert/CVE-2024-4040", "creation_timestamp": "2024-07-23T12:40:21.000000Z"}, {"uuid": "1a347110-3f77-471e-b08f-816ac4075016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40402", "type": "seen", "source": "https://t.me/cvedetector/1120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40402 - Sourcecodester Simple Library Management System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-40402 \nPublished : July 17, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : A SQL injection vulnerability was found in 'ajax.php' of Sourcecodester Simple Library Management System 1.0. This vulnerability stems from insufficient user input validation of the 'username' parameter, allowing attackers to inject malicious SQL queries. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T23:14:35.000000Z"}, {"uuid": "55d70997-3fc9-4458-b673-4684648220b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/119", "content": "CVE-2024-4040\nPrivate version", "creation_timestamp": "2024-05-07T12:40:40.000000Z"}, {"uuid": "d9671492-e698-4d7e-b67a-372319d2f39a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://t.me/arpsyndicate/4937", "content": "#ExploitObserverAlert\n\nCVE-2024-4040\n\nDESCRIPTION: Exploit Observer has 67 entries in 13 file formats related to CVE-2024-4040. A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.\n\nFIRST-EPSS: 0.959300000\nNVD-IS: 6.0\nNVD-ES: 3.9\nARPS-PRIORITY: 0.9589201", "creation_timestamp": "2024-05-09T07:57:19.000000Z"}, {"uuid": "9fce596e-3b0b-452d-8afc-f8d5656d0c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/521", "content": "Crushed | Exploiting Arbitrary File Read on CrushFTP! (CVE-2024-4040)\n\nDork: intitle:\"CrushFTP WebInterface\" inurl:/WebInterface/login.html\n\nhttp.favicon.hash:-1022206565\n\nhttps://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC", "creation_timestamp": "2024-05-17T15:35:25.000000Z"}, {"uuid": "ca0eb726-5171-42c9-a180-f0716b255104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://t.me/CyberSecurityIL/43564", "content": "\u05e9\u05ea\u05d9 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e9\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\"\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd \u05d5\u05db\u05d3\u05d0\u05d9 \u05dc\u05e9\u05d9\u05dd \u05d0\u05dc\u05d9\u05d4\u05df \u05dc\u05d1:\n\n- \u05d7\u05d5\u05dc\u05e9\u05d4 \u05d1\u05e9\u05e8\u05ea\u05d9 CrushFTP \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 - CVE-2024-4040 (\u05de\u05d1\u05d3\u05d9\u05e7\u05d4 \u05e7\u05e6\u05e8\u05d4 \u05d1\u05e9\u05d5\u05d3\u05d0\u05df \u05e0\u05e8\u05d0\u05d4 \u05e9\u05d9\u05e9 \u05db\u05de\u05d4 \u05e9\u05e8\u05ea\u05d9\u05dd \u05d1\u05d5\u05d3\u05d3\u05d9\u05dd \u05d1\u05d9\u05e9\u05e8\u05d0\u05dc)\n\n- \u05d7\u05d5\u05dc\u05e9\u05d4 SQLi \u05d1\u05e4\u05dc\u05d0\u05d2\u05d9\u05df WP Automatic \u05d4\u05de\u05e9\u05de\u05e9 \u05d0\u05ea\u05e8\u05d9\u05dd \u05d4\u05e2\u05d5\u05e9\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05dc\u05d8\u05e4\u05d5\u05e8\u05de\u05ea \u05d5\u05d5\u05e8\u05d3\u05e4\u05e8\u05e1 - CVE-2024-27956. \u05d0\u05dd \u05d0\u05ea\u05dd \u05e2\u05d5\u05e9\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05dc\u05d0\u05d2\u05d9\u05df \u05d0\u05d6 \u05ea\u05d6\u05d3\u05e8\u05d6\u05d5 \u05dc\u05e2\u05d3\u05db\u05df \u05dc\u05d2\u05e8\u05e1\u05d4 \u05d4\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4.\n\nhttps://t.me/CyberSecurityIL/5052\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-04-25T20:40:42.000000Z"}, {"uuid": "4bc983fd-90ee-4df2-8f6e-726e9c06c11a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/tRNzWeK7e4RtVaEfI5A4_99w3XXEu_KZG4YSqM4rqyyO5Y0", "content": "", "creation_timestamp": "2024-06-05T05:24:55.000000Z"}, {"uuid": "e08b3eb4-4ff3-41f2-883e-25ccec937ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/softrinx/128500", "content": "https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC", "creation_timestamp": "2024-04-26T22:10:56.000000Z"}, {"uuid": "947f69b4-0c34-461a-98c4-17dcc6164c55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/softrinx/300", "content": "https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC", "creation_timestamp": "2024-04-26T22:10:56.000000Z"}, {"uuid": "92848881-d924-4ac0-86b1-062b71c57573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/j16LSzugXnLKmxEE_EteSEQNVBWFcC5K5WAquCXcmaOO60l6", "content": "", "creation_timestamp": "2024-04-27T17:50:27.000000Z"}, {"uuid": "f1338a46-69b8-4c12-be36-cdabd1d197f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/YCDIeb_LVc1ecka2jh76erbkknSH7CJgCECmkEPo-JhYSqpQ", "content": "", "creation_timestamp": "2024-04-26T22:13:10.000000Z"}, {"uuid": "fe5389e6-f984-4e65-97fe-baf9df5a621c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "Telegram/5z_FFG2DgXoUigQvX6_F8S6coBHecJGC84egfmBU_R6pwA", "content": "", "creation_timestamp": "2024-05-07T13:43:20.000000Z"}, {"uuid": "eed165dd-38b8-4f88-8dfd-57e4d431ee3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2019", "content": "CVE-2024-4040 CrushFTP  RCE\n*\nCrushFTP \u0432\u043e \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0434\u043e 10.7.1 \u0438 11.1.0 \u043d\u0430 \u0432\u0441\u0435\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b VFS, \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430\n*\nUsage:\npython exploit.py -u https://example.com -p /etc/passwd\n*\nExploit\n\n#rce #ftp", "creation_timestamp": "2024-04-25T07:06:33.000000Z"}, {"uuid": "f132b225-6284-418f-aea8-08817055f58b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://t.me/ctinow/216309", "content": "https://ift.tt/1LD0WFf\nOver 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug", "creation_timestamp": "2024-04-26T11:31:38.000000Z"}, {"uuid": "cac01334-580e-4b3d-b0bf-8db073be0492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2367", "content": "https://github.com/airbus-cert/CVE-2024-4040\n\nCVE-2024-4040 - exploit scanners\n#github #exploit", "creation_timestamp": "2024-04-23T12:36:17.000000Z"}, {"uuid": "be82f4b4-a128-4936-bff7-6d75591647e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "https://t.me/true_secator/5682", "content": "Shadowserver \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 (\u043e\u0431 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432), \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 1400 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CrushFTP \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a (\u0438\u0437 5232 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSTI) \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 CVE-2024-4040 \u043a\u0430\u043a \u0432\u044b\u0445\u043e\u0434 \u0438\u0437 \u00ab\u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b\u00bb VFS \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0447\u0442\u0435\u043d\u0438\u044e \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041d\u043e \u043d\u0430 \u0434\u0435\u043b\u0435 \u0436\u0435 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 RCE \u0432 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0412 \u043f\u044f\u0442\u043d\u0438\u0446\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u043e \u0432\u043e\u0437 \u0438 \u043d\u044b\u043d\u0435 \u0442\u0430\u043c.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c Rapid7 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u044f\u0432\u0438\u0432, \u0447\u0442\u043e \u043e\u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u043e\u0441\u043e\u0431\u044b\u0445 \u0442\u0440\u0443\u0434\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, CrowdStrike \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u0440\u044f\u0434 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0421\u0428\u0410 \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430.\n\n\u0411\u0443\u0434\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c.", "creation_timestamp": "2024-04-26T15:38:30.000000Z"}, {"uuid": "084fb37c-1926-4c54-8740-a8482bd78ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "exploited", "source": "https://t.me/thehackernews/4873", "content": "UPDATE \u2014 Airbus CERT releases Python scripts to scan for the critical CrushFTP flaw (CVE-2024-4040) that allows remote code execution. The zero-day has been exploited in attacks against U.S. entities. \n \nCheck: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html \n \n#infosec", "creation_timestamp": "2024-04-24T18:43:57.000000Z"}, {"uuid": "e6a1334d-84de-4890-b79e-bd05a0c5b58c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://t.me/ctinow/216495", "content": "https://ift.tt/hOXDBSF\nCrushFTP Zero-Day Exploitation Due to CVE-2024-4040", "creation_timestamp": "2024-04-30T20:56:12.000000Z"}, {"uuid": "c90be268-c073-409d-a8ab-48ecb16a2bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "seen", "source": "https://t.me/ctinow/216024", "content": "https://ift.tt/3m9XMU8\nCrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)", "creation_timestamp": "2024-04-23T12:01:56.000000Z"}, {"uuid": "f88068a6-742d-4258-9523-5fcd4784b5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10873", "content": "#exploit\n1. CVE-2023-41538:\nphpjabbers PHP Forum XSS\nhttps://github.com/codeb0ss/CVE-2023-41538-PoC\n\n2. Exploiting the EvilVideo vulnerability on Telegram for Android\nhttps://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android\n\n3. CVE-2024-4040:\nCrushFTP VFS Sandbox Escape\nhttps://github.com/airbus-cert/CVE-2024-4040", "creation_timestamp": "2024-07-23T18:39:31.000000Z"}, {"uuid": "302ee587-6b81-425f-89ff-1c773a0a5325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10412", "content": "#exploit\n1. CVE-2024-21345:\nWindows Kernel EoP\nhttps://github.com/exploits-forsale/CVE-2024-21345\n\n2. CVE-2024-4040:\nPrivilege escalation after CrushFTP\nhttps://ift.tt/OBjIiZE", "creation_timestamp": "2024-04-28T18:22:59.000000Z"}, {"uuid": "ec79f24d-875b-4454-a19c-681bf2cc6181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/BackupLulz/75", "content": "", "creation_timestamp": "2024-11-03T04:41:13.000000Z"}, {"uuid": "4723916d-daec-4a94-a1ce-d4830f052cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1937", "content": "https://censys.com/crushftp-cve-2024-4040-crushed-expectations/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:18:18.000000Z"}, {"uuid": "194c4a9b-b141-4763-a100-861fed3d6f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4040", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1921", "content": "The CrushFTP vulnerability, CVE-2024-4040\n\ndemo of the file inclusion trick and some of the speculation on the sessions.obj usage to gain remote code execution \n\nhttps://youtu.be/etHDJWYElso?si=U2vSOVI6YgBD4N60\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:18:18.000000Z"}]}