Add module for CrushFTP RCE CVE-2023-43177 #18814
Assignees
Labels
suggestion-module
New module suggestions
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
This vulnerability was disclosed in November 2023 by Converge Software and affects a file transfer product with what seems like a reasonably large internet-facing attack surface area (10K+ at time of disclosure according to the company who discovered it, though we haven't verified that ourselves).
Basic example
Code available. See these links:
https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/
https://www.bleepingcomputer.com/news/security/exploit-for-crushftp-rce-chain-released-patch-now/
Motivation
File transfer products have been under widespread attack by financially motivated threat actors the past few years. I'm not familiar with CrushFTP specifically, but even if the public attack surface area was only a quarter of what the researchers claimed it was, that'd still be higher than MOVEit Transfer exposure was when Cl0p started hitting CVE-2023-34362.
The text was updated successfully, but these errors were encountered: