Collaborate Disseminate
CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attacke… Continue reading CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek.
Continue reading Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
By Deeba Ahmed
Popular File Transfer Software Hit by Zero-Day Exploit: Millions Potentially Exposed – Install Patches Right Now!
This is a post from HackRead.com Read the original post: Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
Continue reading Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system fi… Continue reading CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading CrushFTP Patches Exploited Zero-Day Vulnerability