CVE-2025-31161 is being actively exploited and it’s not getting the attention it should.

Urgent Security Alert: Exploitation of CVE-2025-31161 in CrushFTP

In the realm of cybersecurity, it’s vital that we remain alert to vulnerabilities that could jeopardize our systems. Currently, there’s a concerning security issue that demands immediate attention: CVE-2025-31161, an authentication bypass vulnerability in CrushFTP.

The vulnerability affects versions 10.0.0 through 10.8.3 and versions 11.0.0 through 11.3.0, and it has been confirmed to be under active exploitation. The implications are severe: attackers can gain unauthorized access to sensitive files without valid credentials, potentially leading to full system control depending on the configuration.

What’s particularly alarming is that despite this active exploitation, CVE-2025-31161 seems to be flying under the radar of many users and administrators. To mitigate the risks associated with this vulnerability, it is highly recommended that users upgrade their CrushFTP installations to version 10.8.4 or 11.3.1 as soon as possible.

For those unable to patch immediately, utilizing CrushFTP’s DMZ proxy could offer a temporary safeguard. If you are currently using CrushFTP or know someone who is, now is the critical time to verify which version you are running and ensure that you implement the necessary updates.

Given the escalating frequency of ransomware attacks, it’s plausible that we could soon see this vulnerability exploited as part of a broader attack chain. Protect your data—take action now.
