cpe:/a:crushftp:crushftp:7.7.0 cpe:/a:crushftp:crushftp:8.0.2 cpe:/a:crushftp:crushftp:8.0.3 cpe:/a:crushftp:crushftp:8.0.4 cpe:/a:crushftp:crushftp:8.1.0 CVE-2017-14037 2017-08-30T17:29:00.287-04:00 2017-09-02T07:49:10.470-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2017-09-01T11:47:57.817-04:00 CONFIRM https://crushftp.com/version7.html CONFIRM https://crushftp.com/version8.html CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.