CVE-2017-14035
critical
CVSS v3
9.8
CVSS v2
7.5
VIR risk
9.8
Description
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://crushftp.com/version8.html
References
CWEs
CWE-502
Verify integrity in audit chain (admin only). AS-IS.