Crushftp: >> Crushftp >> 10.8.4 Security Vulnerabilities
CVE-2025-54309
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.
Known exploited
CVSS Score
9.0
EPSS Score
0.57
Published
2025-07-18
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI.
CVSS Score
5.0
EPSS Score
0.001
Published
2025-04-15
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions.
CVSS Score
5.0
EPSS Score
0.004
Published
2025-04-15