CrushFTP Chaos: Over 1,000 Servers Vulnerable to Hijack Attacks!

Over 1,000 CrushFTP instances are exposed to hijack attacks due to the CVE-2025-54309 security bug. It’s like leaving your front door wide open with a welcome mat for hackers. The flaw affects older versions, but keeping software updated can help avoid these cyber shenanigans. Stay patched, folks!


Hot Take:

CrushFTP is crushing it in the worst possible way, leaving over 1,000 instances of itself exposed to hijack attacks. It seems the only thing more vulnerable than those servers is my self-esteem after reading the latest cybersecurity report. Who knew mishandled AS2 validation could lead to such a crushing defeat? Time to patch up or pack up, folks!

Key Points:

  • A critical security bug, CVE-2025-54309, affects CrushFTP versions below 10.8.5 and 11.3.4_23.
  • Approximately 1,040 CrushFTP instances are unpatched and vulnerable to hijack attacks.
  • CVE-2025-54309 allows admin access to the web interface due to mishandled AS2 validation.
  • CrushFTP suggests enabling automatic updates and whitelisting IPs to mitigate risks.
  • ShadowServer is actively notifying users about the unpatched instances.
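A quick way to triage your own inventory against the version numbers in the key points above, as an added example that is not from the article or from CrushFTP. It assumes version strings of the form `major.minor.patch` with an optional `_build` suffix (a missing suffix counts as build 0), compares the 10.x branch against 10.8.5 and the 11.x branch against 11.3.4_23, and treats branches above 11 as not covered by the article; the inventory lines are constructed.

```python
import re
from typing import List, Optional, Tuple

# Fixed releases as stated in the article: 10.8.5 and 11.3.4_23.
FIXED_10 = (10, 8, 5, 0)
FIXED_11 = (11, 3, 4, 23)

# Assumed format: major.minor.patch with an optional _build suffix.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '11.3.4_23' into (11, 3, 4, 23); a missing build suffix is 0."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised CrushFTP version string: {text!r}")
    major, minor, patch, build = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0))


def is_affected(text: str) -> Optional[bool]:
    """True if the version is below the fixed release for its branch.

    Anything at or below 10.x is measured against 10.8.5, 11.x against
    11.3.4_23. Returns None for branches the article does not mention
    (assumption: anything above 11).
    """
    v = parse_version(text)
    if v[0] <= 10:
        return v < FIXED_10
    if v[0] == 11:
        return v < FIXED_11
    return None


def triage(inventory: List[str]) -> List[Tuple[str, str, str]]:
    """Map 'host version' lines to (host, version, status) for a patch list."""
    labels = {True: "AFFECTED", False: "patched", None: "not covered"}
    rows = []
    for line in inventory:
        host, version = line.split()
        rows.append((host, version, labels[is_affected(version)]))
    return rows


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    "ftp1.example.internal 10.8.4",
    "ftp2.example.internal 11.3.4",
    "ftp3.example.internal 11.3.4_23",
]

if __name__ == "__main__":
    for host, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:24} {version:12} {status}")
```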
