Security News > 2025 > April > Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, is an authentication bypass vulnerability that may allow unauthenticated attackers to access CrushFTP servers through an exposed HTTP(S) port. The vulnerability was privately disclosed to CrushFTP customers via email on … More → The post Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/04/01/crushftp-vulnerability-exploitation-cve-2025-2825/
Related news
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)
- Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-26 | CVE-2025-2825 | CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability in the S3 authorization header processing that allows authentication bypass. | 0.0 |