From 4b46693ac5efcee936700e4446580ed08f0cfa05 Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Fri, 26 Apr 2024 11:59:27 +0800 Subject: [PATCH] Create CrushFTP_WebInterface_function_File_Read_Vulnerability.md --- ...WebInterface_function_File_Read_Vulnerability.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 CrushFTP_WebInterface_function_File_Read_Vulnerability.md diff --git a/CrushFTP_WebInterface_function_File_Read_Vulnerability.md b/CrushFTP_WebInterface_function_File_Read_Vulnerability.md new file mode 100644 index 0000000..8847162 --- /dev/null +++ b/CrushFTP_WebInterface_function_File_Read_Vulnerability.md 
@@ -0,0 +1,13 @@ + +## CrushFTP /WebInterface/function File Read Vulnerability + +| **Vulnerability** | CrushFTP /WebInterface/function File Read Vulnerability | +| :----: | :-----| +| **Chinese name** | CrushFTP /WebInterface/function 文件读取漏洞 | +| **CVSS core** | 7.7 | +| **FOFA Query** (click to view the results directly)| [app="crushftp"](https://en.fofa.info/result?qbase64=c2VydmVyPSJDcnVzaEZUUCIgfHwgaGVhZGVyPSIvV2ViSW50ZXJmYWNlL2xvZ2luLmh0bWwiIHx8IGJhbm5lcj0iL1dlYkludGVyZmFjZS9sb2dpbi5odG1sIiB8fCBoZWFkZXI9Ii9XZWJJbnRlcmZhY2UvdzNjL3AzcC54bWwiIHx8IGJhbm5lcj0iL1dlYkludGVyZmFjZS93M2MvcDNwLnhtbCIgfHwgdGl0bGU9IkNydXNoRlRQIg%3D%3D)| +| **Number of assets affected** | 36803 | +| **Description** | CrushFTP is a cross-platform FTP server software that supports FTP, FTPS, SFTP, HTTP, HTTPS and other protocols.There were server-side template injection vulnerabilities before CrushFTP version 10.7.1 and version 11.1.0, which may cause unauthenticated threats to read files from the file system outside the virtual file system (VFS) sandbox, bypass authentication to obtain management access, and Execute the code remotely on the server.| +| **Impact** | There were server-side template injection vulnerabilities before CrushFTP version 10.7.1 and before version 11.1.0, which may cause unauthenticated threats to read files from the file system outside the virtual file system (VFS) sandbox, bypass authentication to obtain administrative access, and remotely execute code on the server.| + +![](https://s3.bmp.ovh/imgs/2024/04/26/2b696d3bc719d502.gif)
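Review bot: the table's **Description** and **Impact** rows state the same sentence twice (both say "There were server-side template injection vulnerabilities before CrushFTP version 10.7.1 and version 11.1.0 ... read files ... bypass authentication ... remotely execute code"), so one of them should be rewritten to carry distinct information, e.g. Description for what the component is and where the flaw sits (the `/WebInterface/function` endpoint named in the title), Impact for the consequences (file read outside the VFS sandbox, authentication bypass, remote code execution). Two smaller points in the same rows: the header `| **CVSS core** | 7.7 |` should read `CVSS score`, and `protocols.There were` is missing a space after the period while `and Execute the code remotely` has a stray capital. The entry also gives no CVE identifier or link to the vendor's advisory for the 10.7.1 / 11.1.0 fixed versions; adding a row for that would let defenders tie the FOFA asset count to the authoritative fix, and a short remediation line (upgrade to the fixed versions, restrict exposure of the web interface until then) would make the page useful beyond the animated screenshot.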