Urgent Security Advisory: CVE-2025-31161 Vulnerability in CrushFTP
Recent reports have shed light on a critical vulnerability, CVE-2025-31161, affecting CrushFTP, which is currently being exploited by cybercriminals. Despite its severity, this issue has not received the widespread attention it deserves.
What Is CVE-2025-31161?
CVE-2025-31161 is an authentication bypass that affects CrushFTP versions 10.0.0 to 10.8.3 and 11.0.0 to 11.3.0. An attacker who exploits it can access sensitive files without authenticating and, depending on the specific configuration in place, may gain complete control over the system.
Active Exploitation Confirmed
Exploitation attempts have already been detected in the wild, yet many users remain unaware of the threat. Given the growing trend of ransomware attacks, it is critical for CrushFTP users to take immediate action.
Recommended Actions
To protect your systems, it is strongly advised to update to CrushFTP version 10.8.4 or 11.3.1 as soon as possible. If an immediate upgrade isn’t feasible, consider utilizing CrushFTP’s DMZ proxy as a temporary safeguard while you plan for a more permanent solution.
Final Thoughts
If you are currently using CrushFTP or know someone who does, now is the time to verify your software version and ensure it is patched against this vulnerability. Ignoring this issue could lead to severe consequences, including potential ransomware incidents. Stay informed and proactive to safeguard your data.
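To make the version check concrete, the following added example (not part of the original advisory and not CrushFTP code) classifies reported version strings against the affected ranges and fixed releases stated above. The accepted string format, the host names and the sample inventory are constructed assumptions; how you collect each server's version is up to your own inventory process.

```python
import re

# Affected ranges and fixed releases, exactly as stated in the advisory.
AFFECTED = [
    ((10, 0, 0), (10, 8, 3), "10.8.4"),
    ((11, 0, 0), (11, 3, 0), "11.3.1"),
]

# Assumed input shape: optional "CrushFTP " prefix, MAJOR.MINOR.PATCH,
# optional build suffix such as "_4". Anything else is treated as unknown.
_VERSION_RE = re.compile(
    r"^\s*(?:CrushFTP\s+)?v?(\d+)\.(\d+)\.(\d+)(?:[._-]\w+)*\s*$", re.IGNORECASE
)

def parse_version(text):
    """Return (major, minor, patch) or None if the string is not recognised."""
    m = _VERSION_RE.match(text)
    return tuple(int(p) for p in m.groups()) if m else None

def classify(text):
    """Return (status, upgrade_target) for one reported version string."""
    version = parse_version(text)
    if version is None:
        return ("unknown", None)          # verify by hand, do not assume safe
    for low, high, fixed in AFFECTED:
        if low <= version <= high:
            return ("vulnerable", fixed)
        if version[0] == high[0] and version > high:
            return ("patched", None)
    return ("not-covered", None)          # branch the advisory does not list

def triage(inventory):
    """Map host -> version string into a sorted list of hosts needing action."""
    findings = []
    for host, reported in inventory.items():
        status, fixed = classify(reported)
        if status in ("vulnerable", "unknown"):
            findings.append((host, reported, status, fixed))
    return sorted(findings)

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = {
    "ftp-a.example.internal": "10.8.3",
    "ftp-b.example.internal": "CrushFTP 11.3.0_4",
    "ftp-c.example.internal": "11.3.1",
    "ftp-d.example.internal": "unreadable banner",
}
```

Hosts reported as "unknown" stay on the action list on purpose: a version that cannot be parsed has not been shown to be patched.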