Attackers Modify File-Transfer Server Software to Display Patched Version Number. Managed file-transfer software developer CrushFTP said a zero-day vulnerability in its tool’s web interface is being actively exploited to gain admin-level access to servers. The company urged immediate updating, saying all versions of its software released since July 1 are patched.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/hackers-target-zero-day-vulnerability-to-exploit-crushftp-a-29020
