Outpost24 Puts Up A Blog Post On The CrushFTP Authentication Bypass Vulnerability… And The Events That Led To Mass Attacks
Outpost24 analysts recently discovered a critical authentication bypass vulnerability in CrushFTP, tracked as CVE-2025-31161.
Today the team published a blog post detailing their disclosure process, including how other parties circulating the news under a different CVE identifier (CVE-2025-2825) caused confusion in media coverage.
The vulnerability is now being exploited by remote attackers to gain unauthenticated access to servers running unpatched versions of CrushFTP v10 or v11. The fix shipped in CrushFTP 10.8.4 and 11.3.1, so any earlier build should be treated as exposed. Over 1,500 vulnerable instances have been observed exposed on the internet. The threat is particularly concerning because managed file transfer products like CrushFTP are a favourite target of ransomware gangs.
The post walks through how the vulnerability works, how Outpost24 found it, and the timeline of events around the botched disclosure of this issue.
For full details, you can read the blog in full here: https://outpost24.com/blog/crushftp-auth-bypass-vulnerability/
This entry was posted on April 2, 2025 at 2:26 pm and is filed under Commentary with tags Outpost24. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.