CVE-2025-54309 - Geek Feed

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

July 22, 2025July 22, 2025 geekfeed0Tagged Actively Exploited, CrushFTP, CVE-2025-54309, File Transfer, Hijack, Managed File Transfer

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that […]

2 mins read

New CrushFTP zero-day exploited in attacks to hijack servers

July 21, 2025July 21, 2025 geekfeed0Tagged 0day, Actively Exploited, Admin, CrushFTP, CrushFTP exploit, CVE-2025-54309, Zero-Day

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. CrushFTP is an enterprise file transfer server used by organizations to securely share and manage files over FTP, SFTP, HTTP/S, and other protocols. According to CrushFTP, threat […]

3 mins read