Security News > 2024 > April > CrushFTP warns users to patch exploited zero-day “immediately”
CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately.
The company also warned customers with servers still running CrushFTP v9 to immediately upgrade to v11 or update their instance via the dashboard.
According to Shodan, at least 2,700 CrushFTP instances have their web interface exposed online to attacks, although it's impossible to determine how many have yet to be patched.
CrowdStrike says its Falcon OverWatch and Falcon Intelligence teams have seen the CrushFTP zero-days being exploited in targeted attacks.
"CrushFTP users should continue to follow the vendor's website for the most up-to-date instructions and prioritize patching."
In November, CrushFTP customers were also warned to patch a critical remote code execution vulnerability after Converge security researchers who reported the flaw also released a proof-of-concept exploit.
News URL
Related news
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)