VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
View the template here CVE-2024-4040.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-4040