Urgent Security Alert: Exploitation of CrushFTP Vulnerability CVE-2025-31161
CVE-2025-31161 is a critical authentication bypass in CrushFTP that is being exploited in the wild. It affects CrushFTP 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. A successful exploit lets an attacker read sensitive files without valid login credentials and, depending on how the server is configured, take complete control of the affected system.
What makes this vulnerability especially dangerous is that, although active exploitation has been confirmed, many administrators running CrushFTP are still unaware of it. The only complete fix is to upgrade: move 10.x installations to 10.8.4 and 11.x installations to 11.3.1 without delay.
If you cannot patch immediately, placing CrushFTP's DMZ proxy in front of the main server can reduce exposure in the meantime, because external clients then no longer connect to the internal instance directly. Treat this as a stopgap, not a substitute for the patch, and still schedule the upgrade.
If you manage a CrushFTP server, or know someone who does, check the running version now and prioritize applying the fixed release. Because an authentication bypass on a file-transfer server is exactly the kind of foothold ransomware operators look for, acting early is essential. Don't wait until it's too late; secure your environment now.
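The version check described above, as an added example that is not part of the original alert or of CrushFTP's own tooling. It encodes the advisory's two affected ranges and reports which fixed release a host should move to. The version string is assumed to come from the CrushFTP admin interface or the server banner; the sample banners below are constructed, and build suffixes after the third version component are ignored by assumption.

```python
import re
from typing import Optional, Tuple

# Affected ranges from the advisory, inclusive at both ends, with the fixed release
# for each branch: (first affected, last affected, fixed).
AFFECTED_RANGES = [
    ((10, 0, 0), (10, 8, 3), (10, 8, 4)),
    ((11, 0, 0), (11, 3, 0), (11, 3, 1)),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract the first major.minor.patch triple from a string such as
    'CrushFTP 11.2.3' or '10.8.3_5'. Anything after the third component
    (a build or hotfix suffix) is ignored; this is an assumption, since the
    advisory expresses its ranges on major.minor.patch only."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no X.Y.Z version found in {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def check_cve_2025_31161(text: str) -> Optional[str]:
    """Return the fixed release (as a string) the host should upgrade to if the
    running version falls inside an affected range, otherwise None.

    None means 'not listed in this advisory's affected ranges', not 'safe':
    a version outside both ranges may still need other updates."""
    version = parse_version(text)
    for low, high, fixed in AFFECTED_RANGES:
        if low <= version <= high:
            return ".".join(str(n) for n in fixed)
    return None


if __name__ == "__main__":
    # Constructed sample banners for illustration; these are not real hosts.
    for banner in ["CrushFTP 10.8.3", "CrushFTP 10.8.4", "11.3.0_2",
                   "CrushFTP 11.3.1", "CrushFTP 9.4.0"]:
        fix = check_cve_2025_31161(banner)
        status = f"upgrade to {fix}" if fix else "not in the affected ranges"
        print(f"{banner:18s} -> {status}")
```

Run it against the version string of each CrushFTP instance you operate, including any DMZ front-end instances, and treat any non-None result as a host that needs the patch. The tuple comparison handles the boundary versions correctly: 10.8.3 and 11.3.0 are flagged, 10.8.4 and 11.3.1 are not.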