Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, is an authentication bypass vulnerability that may allow unauthenticated attackers to access CrushFTP servers through an exposed HTTP(S) port. The vulnerability was privately disclosed to CrushFTP customers via email on … More → The post Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) appeared first on Help Net Security.
http://news.poseidon-us.com/TJtbml

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Like this:

Related

More Posts

Variation Order in Construction: A Quick Guide

Project Scope Statement: How to Write One With Examples

What Is a Project Sponsor? Roles and Responsibilities vs Project Managers

Make AI your App Development Advantage: Learn Why and How

Musk could be headed for a Washington exit after turbulent times at Trump’s DOGE

Q&A: Protecting Data with Microsoft 365

The New Age of Microsoft 365 Data Protection

OpenAI Secures Historic $40 Billion Investment

Project Management Information System (PMIS): Meaning, Reports & Example

Leadership, trust and innovation: The keys to AI’s role in modern warfare

Share this:

Like this:

Related

More Posts