A vulnerability classified as problematic has been found in CrushFTP up to 10.7.1/11.0. Affected is an unknown function of the component VFS. The manipulation leads to information disclosure.
It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.