Product
Exploitation of CVE-2024-4040, a server-side template injection vulnerability in CrushFTP, allows unauthenticated remote attackers to access files, circumvent authentication, and execute arbitrary commands.