CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
-
Updated
Jul 7, 2024 - Python
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
Helm chart and docker image for CrushFTP server.
Authentication Bypass PoC for CVE-2025-2825 – Exploiting CrushFTP 10.x
Proof-of-concept for CVE-2024-4040 (CrushFTP SSTI -> unauthenticated LFI) in a controlled CS443 lab environment - for educational/authorised use only.
Add a description, image, and links to the crushftp topic page so that developers can more easily learn about it.
To associate your repository with the crushftp topic, visit your repo's landing page and select "manage topics."