Controversy Surrounds Actively Exploited CrushFTP Vulnerability with Two CVEs

Two CVEs exist for an actively exploited vulnerability in CrushFTP, and a significant portion of the security industry is using the 'wrong' one. The controversy surrounding this critical vulnerability has been highlighted in a SecurityWeek article. The situation involves confusion between the two CVE identifiers, complicating the management and communication of risks associated with this flaw. The technical details and real impacts are not explicitly mentioned in the provided summary.