Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
Summary
The article reports on ongoing brute-force scans targeting CrushFTP, a Java-based file transfer system. It highlights previous severe vulnerabilities in CrushFTP, including remote code execution and authentication bypass flaws.
IFF Assessment
FOE
The article describes active scanning and exploitation attempts against a known vulnerable system, indicating a direct threat to defenders.
Severity
9.8
Critical
Defender Context
Defenders running CrushFTP should be aware of these ongoing brute-force attacks, especially given the history of critical vulnerabilities in the software. It is crucial to ensure all instances are patched to the latest versions and monitored for any signs of compromise.