Hackers exploited a zero-day vulnerability (CVE-2025-54309) in CrushFTP’s managed file transfer software to gain administrative access to servers. The flaw affected versions released before July 1, 2023, and was exploited in the wild, underscoring the importance of applying patches and implementing compensating security measures. #CVE-2025-54309 #CrushFTP #ZeroDayExploit
Key points
- The zero-day vulnerability affects CrushFTP versions released before July 2023, with a high CVSS score of 9.0.
- Attackers exploited the flaw via HTTP(S) and gained administrative privileges on vulnerable servers.
- Indicators of compromise include unexpected changes in log files, newly created admin users, and modifications to the software's version hashes.
- CrushFTP recommends restoring backups, deleting the default user, and enhancing network security measures.
- Applying software updates and restricting IP access are critical for preventing further exploits.
Read More: https://www.securityweek.com/exploited-crushftp-zero-day-provides-admin-access-to-servers/