CrushFTP warns users to patch exploited zero-day “immediately”
2024-04-19 22:33

CrushFTP warned customers in a private memo today of an actively exploited zero-day vulnerability, fixed in new versions released the same day, and urged them to patch their servers immediately.

The company also warned customers with servers still running CrushFTP v9 to immediately upgrade to v11 or update their instance via the dashboard.

According to Shodan, at least 2,700 CrushFTP instances have their web interface exposed online to attacks, although it's impossible to determine how many have yet to be patched.

CrowdStrike says its Falcon OverWatch and Falcon Intelligence teams have seen the CrushFTP zero-days being exploited in targeted attacks.

"CrushFTP users should continue to follow the vendor's website for the most up-to-date instructions and prioritize patching."

In November, CrushFTP customers were also warned to patch a critical remote code execution vulnerability after Converge security researchers who reported the flaw also released a proof-of-concept exploit.


News URL

https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/