VDB-283888 | CrushFTP up to 10.8.2/11.2.2 Reset Email password recovery

Inserito da Angelo Barbosa | Nov 11, 2024 | CVE

A vulnerability classified as problematic was found in CrushFTP up to 10.8.2/11.2.2. This vulnerability affects unknown code of the component Reset Email Handler. The manipulation leads to weak password recovery.

The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

VDB-283888 | CrushFTP up to 10.8.2/11.2.2 Reset Email password recovery

Post correlati

CVE-2023-50804 | Samsung Auto T5123 NAS Module improper authentication

CVE-2024-10406 | SourceCodester Petrol Pump Management Software 1.0 /admin/edit_fuel.php id sql injection

CVE-2024-3243 | Customer Reviews for WooCommerce Plugin up to 5.46.0 on WordPress Email Sending authorization

CVE-2024-45190 | Mage AI Pipeline Interaction Request path traversal (jfsa-2024-0010)