Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
CrushFTP Server Weak Password Recovery Mechanism for Forgotten Password Vulnerability - CVE-2024-53552 - Vulnerability Database
CrushFTP Server

CrushFTP Server Weak Password Recovery Mechanism for Forgotten Password Vulnerability - CVE-2024-53552

Critical
Reference: CVE-2024-53552
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-53552
Title: CrushFTP Server Weak Password Recovery Mechanism for Forgotten Password Vulnerability
Overview:

CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset leading to account takeover.