Security News > 2025 > April > Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, is an authentication bypass vulnerability that may allow unauthenticated attackers to access CrushFTP servers through an exposed HTTP(S) port. The vulnerability was privately disclosed to CrushFTP customers via email on … More → The post Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/04/01/crushftp-vulnerability-exploitation-cve-2025-2825/
Related news
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-26 | CVE-2025-2825 | Rejected reason: DO NOT USE THIS CVE RECORD. | 0.0 |