Over 1,000 vulnerable CrushFTP instances are exposed online due to a critical security flaw (CVE-2025-54309), risking hijack attacks and data theft. Keeping software up-to-date and monitoring for suspicious activity are essential to prevent exploitation of this vulnerability. #CrushFTP #CVE202554309
Key points
- Over 1,000 CrushFTP servers remain unpatched and vulnerable to hijack attacks.
- The security flaw (CVE-2025-54309) affects all versions below 10.8.5 and 11.3.4_23.
- The vulnerability is actively exploited in the wild; attackers found it by reverse engineering CrushFTP's code.
- CrushFTP advises updating regularly and using security measures like IP whitelisting and log review.
- Managed file transfer solutions like CrushFTP are high-value targets for ransomware groups such as Clop.
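The advisory gives two fixed releases, 10.8.5 for the 10.x line and 11.3.4_23 for the 11.x line, and CrushFTP's build suffix ("_23") does not sort correctly as a plain string. The following inventory check is an example added here, not CrushFTP's own tooling; it assumes the version-string format shown in the advisory ("major.minor.patch" with an optional "_build" suffix), treats lines older than 10.x as vulnerable, and assumes lines newer than 11.x carry the fix. The sample inventory is constructed.

```python
"""Flag CrushFTP instances whose version is below the fixed releases named
for CVE-2025-54309 (10.8.5 for 10.x, 11.3.4_23 for 11.x).
Added example, not CrushFTP's code; version-string format is assumed."""
import re

# Fixed releases as stated in the advisory summary, keyed by major line.
# A missing build suffix is treated as build 0.
FIXED = {10: (10, 8, 5, 0), 11: (11, 3, 4, 23)}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:_(\d+))?")


def parse_version(s):
    """Turn '11.3.4_23' into (11, 3, 4, 23) so tuples compare numerically."""
    m = VERSION_RE.fullmatch(s.strip())
    if not m:
        raise ValueError(f"unrecognised CrushFTP version string: {s!r}")
    major, minor, patch, build = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0))


def is_vulnerable(s):
    """True when the version is below the fixed release for its major line.

    Lines older than 10.x are reported as vulnerable (no fix named for them);
    lines newer than 11.x are assumed to include the fix (assumption)."""
    v = parse_version(s)
    if v[0] < 10:
        return True
    fixed = FIXED.get(v[0])
    if fixed is None:
        return False  # assumption: 12.x and later carry the fix
    return v < fixed


def triage(inventory):
    """Given {host: version}, return the sorted hosts that still need patching."""
    return sorted(host for host, ver in inventory.items() if is_vulnerable(ver))


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {
        "ftp-a.example": "11.3.4_22",
        "ftp-b.example": "11.3.4_23",
        "ftp-c.example": "10.8.4",
        "ftp-d.example": "10.8.5",
        "ftp-e.example": "9.9.9",
    }
    for host in triage(sample):
        print(f"{host}: {sample[host]} is below the fixed release, update needed")
```

Feeding this the version banner collected by your asset inventory gives a quick list of hosts to prioritise; the string comparison pitfall it avoids is that "11.3.4_9" would otherwise sort after "11.3.4_23".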