CrushFTP vulnerability exploited in the wild, added to CISA KEV database

A critical flaw was discovered in file transfer tool CrushFTP
Experts claim the issue was being abused in the wild
CISA added the flaw to its KEV catalog

A critical-severity vulnerability plaguing file transfer software CrushFTP was found being actively exploited in the wild.

Earlier this month, it was reported that the software, commonly used by organizations to handle large-scale file transfers, contained an authentication bypass vulnerability which allowed unauthenticated attackers to gain administrative access.

By specifically targeting the crushadmin account, threat actors could abuse the flaw to compromise the target system entirely.

CISA adds it to KEV

The flaw is now tracked as CVE-2025-31161, and was given a severity score of 9.8/10 (critical)

It affects CrushFTP versions 10 before 10.8.4 and 11 before 11.3.1. Users are strongly advised to update to these versions immediately, and if they can’t, enabling the DMZ proxy instance can serve as a temporary workaround.

Security researchers have warned that the bugs were used in the wild to install remote management tools like AnyDesk and MeshAgent, The Hacker News reported.

CISA has also picked up on the news, adding the bug to its Known Exploited Vulnerabilities Catalog (KEV). This means that Federal Civilian Executive Branch (FCEB) agencies have a three-week deadline (until April 28) to apply the patch, or stop using CrushFTP entirely.

Cybercriminals often target managed file transfer software vulnerabilities, since they could allow access to sensitive corporate files and databases. In fact, one of the most devastating cyberattacks in recent history happened in 2023, when ransomware operator Cl0p abused a previously unknown SQL injection vulnerability in MOVEit managed file transfer software to breach hundreds of corporations around the world.

A year before that, GoAnywhere MFT was breached and used to steal sensitive data from almost 130 organizations, and in January 2024, the same software was found to be vulnerable to a critical path traversal weakness flaw.

https://cdn.mos.cms.futurecdn.net/uTLwBhC26YCauAq8Swffd8-1200-80.jpg

Source link

Drive agentic AI success with an integrated approach to API management

Optus is hiking prices on its postpaid mobile plans, so I’ve found 3 cheap alternatives on the same network

I tried Claude’s new Research feature, and it’s just as good as ChatGPT and Google Gemini’s Deep Research features

NVIDIA’s Vision For AI Factories – ‘Major Trend in the Data Center World’

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

First LNG shipment from Greater Tortue Ahmeyim project

Australia stocks higher at close of trade; S&P/ASX 200 up 0.78%

IT sector may remain range-bound amid global uncertainty: Amnish Aggarwal

US Solar Fund boosts dividend after debt refinancing

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

CrushFTP vulnerability exploited in the wild, added to CISA KEV database

Drive agentic AI success with an integrated approach to API management

First LNG shipment from Greater Tortue Ahmeyim project

Australia stocks higher at close of trade; S&P/ASX 200 up 0.78%

IT sector may remain range-bound amid global uncertainty: Amnish Aggarwal

Leave a reply Cancel reply