Currently, CVE-2025-31161 is under active exploitation, yet it remains largely overlooked.

Urgent Security Alert: CVE-2025-31161 Vulnerability in CrushFTP

In a significant security development, the authentication bypass vulnerability identified as CVE-2025-31161 is currently being exploited in the wild. This critical flaw affects multiple versions of CrushFTP, specifically from versions 10.0.0 to 10.8.3 and 11.0.0 to 11.3.0. Attackers leveraging this vulnerability can potentially access sensitive files without any valid credentials and may gain full control of the system, depending on specific configurations.

What’s particularly alarming is that, despite the active exploitation of this vulnerability, it has not received the attention it urgently requires. Cybersecurity experts are raising red flags, emphasizing the need for immediate action.

Recommended Actions for Users of CrushFTP

To safeguard your system, it is highly advisable to upgrade to the latest versions—10.8.4 or 11.3.1—as soon as possible. If an upgrade is not feasible at the moment, there is a temporary solution: utilizing CrushFTP’s DMZ proxy can serve as a protective barrier against potential attacks.

If you or someone you know is using CrushFTP, now is the critical moment to verify which version is installed and implement the necessary patches. Ignoring this vulnerability could have severe implications, especially as it may soon be leveraged in ransomware attacks or other malicious chains.
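A small triage helper, added here as an example and not part of the original post, that checks CrushFTP version strings against the affected ranges the advisory lists (10.0.0 to 10.8.3 and 11.0.0 to 11.3.0) and names the fixed release for each; the sample inventory hostnames and version strings are constructed for the example.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges and the fixed release for each branch, as stated in the advisory.
AFFECTED_RANGES = [
    ((10, 0, 0), (10, 8, 3), (10, 8, 4)),   # 10.0.0 .. 10.8.3 -> upgrade to 10.8.4
    ((11, 0, 0), (11, 3, 0), (11, 3, 1)),   # 11.0.0 .. 11.3.0 -> upgrade to 11.3.1
]


def parse_version(text: str) -> Version:
    """Extract major.minor[.patch] from a banner or version string such as
    '11.2.3' or 'CrushFTP 10.8.3'. A missing patch component counts as 0."""
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def fixed_version_for(text: str) -> Optional[Version]:
    """Return the fixed release to upgrade to when the version falls inside one
    of the advisory's affected ranges, or None when it lies outside them.
    None means 'not in the listed ranges', not proof that the host is safe."""
    v = parse_version(text)
    for low, high, fixed in AFFECTED_RANGES:
        if low <= v <= high:
            return fixed
    return None


def triage(inventory: dict) -> dict:
    """Map each host to a one-line finding. `inventory` is host -> version string."""
    findings = {}
    for host, text in inventory.items():
        fixed = fixed_version_for(text)
        if fixed is None:
            findings[host] = "not in affected ranges (%s)" % text
        else:
            findings[host] = "VULNERABLE: %s -> upgrade to %s" % (text, ".".join(map(str, fixed)))
    return findings


# Constructed sample inventory (hostnames and versions are made up for this example).
SAMPLE_INVENTORY = {
    "ftp-a.example.internal": "CrushFTP 10.8.3",
    "ftp-b.example.internal": "11.3.0",
    "ftp-c.example.internal": "11.3.1",
}

if __name__ == "__main__":
    for host, finding in triage(SAMPLE_INVENTORY).items():
        print(host, finding)
```

Hosts reported as "not in affected ranges" still need the upgrade confirmed against the vendor's release notes, since the advisory only names the two ranges above.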

Stay vigilant and take proactive measures to secure your systems against this and future threats.
