Topic: crushftp vulnerability cve-2025-54309
-
Critical CrushFTP Flaw (CVE-2025-54309) Exploited-Check If You're at Risk
A critical vulnerability (CVE-2025-54309) in CrushFTP is being exploited, allowing attackers to gain unauthorized administrative access to enterprise file-transfer servers. Around 1,040 vulnerable CrushFTP instances, primarily in the US, Europe, and Canada, remain exposed, with attackers targetin...
Read More » -
1,000+ CrushFTP servers vulnerable to active hijacking attacks
Over 1,000 CrushFTP servers remain vulnerable to a critical flaw (CVE-2025-54309), allowing attackers to hijack admin access and steal sensitive data due to improper AS2 validation in outdated versions. CrushFTP confirmed active exploitation in mid-July, urging users to patch to versions 10.8.5 o...
Read More »
