Critical RCE Flaw in CrushFTP Exploited in the Wild

Tuesday 1st of April 2025 14:09:54

CrushFTP Flaw Actively Exploited, Patches Urged

A critical vulnerability in CrushFTP, a popular open-source FTP server, is being actively exploited, security researchers warned. The flaw, tracked as CVE-2025-2825, is present in CrushFTP versions 10.3.2 and earlier and allows attackers to execute arbitrary code on affected systems.
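The practical question for a defender reading the version range above is which hosts in an inventory actually fall at or below 10.3.2. Dotted version strings must be compared numerically, since a plain string comparison would rank "10.10.0" below "10.3.2". The following is an added example written for this page, not code from the article, Snyk or CrushFTP; it assumes versions are dotted numeric strings as quoted in the article, and the inventory it runs over is constructed sample data.

```python
import re

# Threshold stated in the article: CrushFTP 10.3.2 and earlier are affected.
# Assumption: versions are dotted numeric strings such as "10.3.2".
AFFECTED_MAX_VERSION = "10.3.2"


def parse_version(version):
    """Turn a dotted version string into a tuple of ints for comparison.
    A trailing non-numeric suffix on a component (e.g. '10.3.2_beta')
    is ignored; components after an unparseable one are dropped."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(parts)


def is_affected(version, max_affected=AFFECTED_MAX_VERSION):
    """True if version <= max_affected, compared component by component,
    so '10.10.0' correctly sorts above '10.3.2' (a string compare would not)."""
    return parse_version(version) <= parse_version(max_affected)


def triage(inventory):
    """inventory: list of (hostname, version) pairs.
    Returns the hostnames still running an affected build, in input order."""
    return [host for host, ver in inventory if is_affected(ver)]


# Constructed sample inventory; these are not real hosts or observed versions.
SAMPLE_INVENTORY = [
    ("ftp-01.example.internal", "10.3.2"),   # at the threshold: affected
    ("ftp-02.example.internal", "10.10.0"),  # above it: not affected
    ("ftp-03.example.internal", "9.5.1"),    # older major: affected
    ("ftp-04.example.internal", "10.3.3"),   # one patch level up: not affected
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: running an affected CrushFTP version, patch required")
```

Feed `triage()` the hostname/version pairs from whatever asset inventory you maintain; it deliberately reports only the version check, leaving the question of how the version was collected to the inventory tooling.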

The vulnerability was discovered by security researchers at the cybersecurity firm Snyk, who reported it to CrushFTP's developers. The bug is a deserialization flaw in the software's handling of HTTP requests, which an attacker can exploit to inject malicious code and take control of the affected system.

According to Snyk, the vulnerability is being actively exploited in the wild, with the firm detecting multiple instances of exploitation in recent weeks. Snyk has urged CrushFTP users to patch as soon as possible to prevent further exploitation.

"We have detected multiple instances of exploitation in the wild, and we urge all CrushFTP users to patch this vulnerability as soon as possible," said a spokesperson for Snyk. "The exploitation of this vulnerability could result in the complete compromise of affected systems, including the theft of sensitive data and unauthorized access to sensitive systems."

CrushFTP has released a patch for the vulnerability, available for download from the company's website. Users are urged to apply it as soon as possible to prevent further exploitation.

In related news, the SANS Institute has issued an alert warning of the vulnerability and urging users to take immediate action to patch the flaw. The alert notes that the vulnerability is highly exploitable and could result in significant damage to affected systems.

The discovery of the vulnerability and its active exploitation serve as a reminder of the importance of keeping software up to date and patching vulnerabilities as soon as they are disclosed. CrushFTP users are urged to patch immediately.