Question 1

What is CVE-2024-4040 — CrushFTP VFS Sandbox Escape Vulnerability?

Accepted Answer

CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).

Question 2

What is the authoritative source for CVE-2024-4040?

Accepted Answer

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2024-4040CrushFTP VFS Sandbox Escape Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6