Urgent Security Alert: Exploitation of CVE-2025-31161 in CrushFTP
Attention all CrushFTP users: a severe authentication bypass vulnerability, identified as CVE-2025-31161, is currently being exploited in the wild. The affected versions are 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. If left unaddressed, it poses significant risk: depending on the configuration, an attacker may be able to access sensitive files without authorization and take control of the system.
Despite the serious nature of this vulnerability, it has not received the widespread attention it warrants. Reports indicate that active exploitation has already been observed, underscoring the critical need for immediate action.
To safeguard your system, it is highly advisable to upgrade to CrushFTP versions 10.8.4 or 11.3.1 at your earliest convenience. If upgrading is not feasible for you right now, consider leveraging CrushFTP’s DMZ proxy feature as a temporary measure to add a protective layer against exploitation.
If you are operating CrushFTP, or know of individuals or organizations that do, take this time to verify your current software version. Applying the necessary patches promptly could prevent your system from becoming a target in this ongoing threat, which may soon find its way into ransomware operations.
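To make the version check above mechanical, here is an added helper (not part of this alert or of CrushFTP itself) that compares a CrushFTP version string, as read from your installation by whatever means you use, against the affected ranges and fixed releases named in this advisory. The version strings in the tests are constructed samples; the only assumption is that the version is a dotted "major.minor.patch" number, with any trailing build suffix ignored.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Inclusive affected ranges and the corresponding fixed releases,
# exactly as stated in the advisory for CVE-2025-31161.
AFFECTED_RANGES = (
    ((10, 0, 0), (10, 8, 3)),
    ((11, 0, 0), (11, 3, 0)),
)
FIXED_RELEASE = {10: (10, 8, 4), 11: (11, 3, 1)}

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> Version:
    """Parse 'major.minor[.patch]' and ignore any trailing suffix.

    A missing patch component is treated as 0 (assumption, not from the page).
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised CrushFTP version string: {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_affected(version_text: str) -> bool:
    """True if the version lies inside one of the advisory's affected ranges."""
    v = parse_version(version_text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def recommended_fix(version_text: str) -> Optional[str]:
    """Return the fixed release for an affected version, else None.

    Versions outside the listed ranges are reported as 'not listed', which
    is not the same as confirmed safe; the advisory only names these ranges.
    """
    v = parse_version(version_text)
    if not is_affected(version_text):
        return None
    fixed = FIXED_RELEASE[v[0]]
    return ".".join(str(n) for n in fixed)


if __name__ == "__main__":
    for sample in ("10.8.3", "11.2.7_build1", "11.3.1"):  # constructed samples
        fix = recommended_fix(sample)
        print(sample, "-> upgrade to", fix if fix else "not listed as affected")
```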
Stay vigilant and ensure your systems remain secure!