CVE-2025-2825

Published Mar 26, 2025

Last updated 17 days ago

CrushFTP

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-2825 affects CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. The vulnerability allows unauthenticated remote attackers to gain unauthorized access to the CrushFTP server by sending unauthenticated HTTP requests to it. This can potentially lead to complete system compromise, unauthorized access to sensitive data, data theft or manipulation, and a breach of confidentiality, integrity, and availability.

Description

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-31161. Reason: This Record is a reservation duplicate of CVE-2025-31161. Notes: All CVE users should reference CVE-2025-31161 instead of this Record. All references and descriptions in this Record have been removed to prevent accidental usage.

Source: cve@mitre.org

NVD status: Rejected

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 7

  1. GitHub - ghostsec420/ShatteredFTP: Shattered is a tool and POC for the new CrushedFTP vulns, CVE Exploit Script: CVE-2025-2825 vs CVE-2025-31161 https://t.co/EsmLV1fo1b

    @akaclandestine

    20 Apr 2025

    2063 Impressions

    11 Retweets

    42 Likes

    18 Bookmarks

    0 Replies

    0 Quotes

  2. [1Day1Line] CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP via Parameter Overloading https://t.co/riCEAUO6Db Hello. Today’s 1Day1Line is about a CrushFTP vulnerability that sparked controversy after being assigned two CVEs — CVE-2025-31161 and CVE-2025-2825.

    @hackyboiz

    19 Apr 2025

    930 Impressions

    5 Retweets

    11 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 New plugin for CrushFTP's CVE-2025-2825/CVE-2025-31161 is up. While enumerating users to validate vulnerable instances we noticed a pattern. It's on all instances we scanned for, can you see it? What do you make of it? https://t.co/YpesS10A1N

    @leak_ix

    11 Apr 2025

    1007 Impressions

    4 Retweets

    7 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  4. Actively exploited CVE : CVE-2025-2825

    @transilienceai

    8 Apr 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CrushFTP vulnerability CVE-2025-2825 is under active exploitation, with attackers bypassing authentication to gain unauthorized access to file transfer servers. Early disclosure missteps and confusion around CVE identifiers made things worse, allowing attackers to act faster. htt

    @Shift6Security

    7 Apr 2025

    54 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Actively exploited CVE : CVE-2025-2825

    @transilienceai

    6 Apr 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. me releases a new poc: POC: ```bash curl xxx/etc/passwd?raw&import?? ``` cve-2025-2825

    @__trainee

    6 Apr 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Actively exploited CVE : CVE-2025-2825

    @transilienceai

    6 Apr 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Actively exploited CVE : CVE-2025-2825

    @transilienceai

    5 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  10. We wrote up what @HuntressLabs has been seeing for the CrushFTP authentication bypass: CVE-2025-31161 (or CVE-2025-2825, whichever side of the bed you woke up on) leading to MeshCentral agents, AnyDesk, and neato "TelegramBot" malware. Patch plz! ✌️ https://t.co/Ax4cJjgONF https:

    @_JohnHammond

    4 Apr 2025

    9463 Impressions

    31 Retweets

    166 Likes

    28 Bookmarks

    2 Replies

    0 Quotes

  11. FTP, FTPS, SFTP, HTTP, HTTPS, and WebDAV, the CrushFTP tool is designed to use multiple protocols in many OS. SMEs around the world are affected by disclosed 🚨CVE-2025-2825 🚨 https://t.co/xxncBcSlIQ https://t.co/9lE6yOOPaj

    @madalin_staniu

    4 Apr 2025

    30 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 CrushFTP under attack 💥 CVE-2025-2825 = critical auth bypass (CVSS 9.8) 📣 Disclosure drama: duplicate CVEs, public fights, & PoC leaks ⚠️ Exploits are active—1,500+ servers exposed Sloppy coordination = faster threats. #Infosec #CrushFTP 👉 https://t.co/yGFhOvNjXM

    @bjgreenberg

    4 Apr 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy - (CVE-2025-31161 vs. CVE-2025-2825) https://t.co/89A8CpEzLo

    @SecurityWeek

    3 Apr 2025

    1697 Impressions

    11 Retweets

    15 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  14. ⚠️ A critical vulnerability in #CrushFTP (CVE-2025-2825) is being exploited in the wild. Over 1,500 servers remain exposed. Urgent patching required. Read more: https://t.co/IXXINCoNl7 #CyberSecurity #InfoSec #CVE2025

    @threatsbank

    3 Apr 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Threat actors are exploiting CVE-2025-2825, a critical authentication bypass flaw (CVSS 9.8) in CrushFTP, using exploits based on publicly available proof-of-concept code. Learn about the vulnerability, affected versions, & how to detect and mitigate it: https://t.co/zBybnpnw

    @qualys

    3 Apr 2025

    494 Impressions

    2 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Critical auth bypass vulnerability CVE-2025-2825 in #CrushFTP is now exploited in cyber attacks: #CyberSecurity #CyberAttacks https://t.co/d8fGHRshBL

    @step9consulting

    2 Apr 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. A critical authentication bypass vulnerability in CrushFTP is now being used in attacks (CVE-2025-2825) https://t.co/p28cQyKCeW #Security #セキュリティ #ニュース

    @SecureShield_

    2 Apr 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Actively exploited CVE : CVE-2025-2825

    @transilienceai

    2 Apr 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  19. Critical #CrushFTP vulnerability (CVE-2025-2825) actively exploited. Over 1,500 unpatched instances worldwide. Update to version 11.3.1 immediately to secure your systems. #CyberSecurity #InfoSec https://t.co/ZaFsMpoq0W https://t.co/KJD6Ma9l7g

    @dailytechonx

    1 Apr 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Critical CrushFTP flaw 🚨 CVE-2025-2825 is actively exploited 😱, allowing unauthenticated access to servers. Patch now 🔧 to prevent breaches! Details: https://t.co/cExsawddW9 #CyberSecurity #PatchNow 🛡️

    @_F2po_

    1 Apr 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. A critical auth bypass vulnerability (CVE-2025-2825) in CrushFTP allows remote access for unauthenticated users on unpatched versions. Over 1,500 servers are at risk. 💻⚠️ #CrushFTP #RemoteAccess #USA link: https://t.co/IkYtLTx6hI https://t.co/ROTGOSiiVR

    @TweetThreatNews

    1 Apr 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) https://t.co/fv37awtx8i #HelpNetSecurity #Cybersecurity https://t.co/vBx0GxVflg

    @PoseidonTPA

    1 Apr 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. The CrushFTP vulnerability CVE-2025-2825 (CVSS score 9.8) has started being exploited in attacks. Reported by Shadowserver. Observed in honeypots. https://t.co/dh5wMBSvqa

    @__kokumoto

    1 Apr 2025

    695 Impressions

    0 Retweets

    3 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  24. CrushFTP CVE-2025-2825 flaw actively exploited in the wild https://t.co/Fn0hRgpyv1

    @hackplayers

    1 Apr 2025

    421 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Critical CrushFTP Vulnerability Under Attack: Over 1,500 Servers at Risk Hackers are actively exploiting a newly discovered authentication bypass flaw (CVE-2025-2825) in CrushFTP, a widely used file transfer solution. ( Happy New Month #AprilFoolsDay Eid Mubarak )

    @PsalmWell

    1 Apr 2025

    96 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    1 Quote

  26. CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. https://t.co/qyj56WI1bR https://t.co/aUSE1iJ8Zg

    @persistsec

    1 Apr 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Threat Alert: CVE-2025-2825: Unauthenticated HTTP(S) port access on CrushFTPv10-v11 CVE-2024-4040 Severity: 🔴 High Maturity: 💥 Mainstream Learn more: https://t.co/WswOdXmMW4 #CyberSecurity #ThreatIntel #InfoSec (1/3)

    @fletch_ai

    1 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  28. Full technical analysis of CrushFTP CVE-2025-2825 here c/o @the_emmons — looks like Project Discovery came to the same conclusions we did independently (we tend to not publish these on Fridays :) https://t.co/5t6rkiFd3q

    @catc0n

    31 Mar 2025

    434 Impressions

    4 Retweets

    9 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  29. CrushFTP actively exploited via CVE-2025-2825: Unauthenticated RCE now has public PoC & Nuclei template. Attackers compromising servers globally. Technical details: https://t.co/X7pjE0RgnU #CyberSecurity #0Day

    @adriananglin

    31 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. 🚨Alert🚨 CVE-2025-2825 : Remote and unauthenticated HTTP requests to CrushFTP may allow attackers to gain unauthorized access. 🧐Deep Dive :https://t.co/cWoab3rxs9 📊 102.4K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/OpFcAmqXXM 👇Query

    @HunterMapping

    31 Mar 2025

    6429 Impressions

    37 Retweets

    120 Likes

    72 Bookmarks

    0 Replies

    0 Quotes

  31. CVE-2025-2825: CrushFTP Unauthenticated Access Vulnerability https://t.co/y5bBK2zOCG

    @_cvereports

    30 Mar 2025

    6 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨 CrushFTP Vulnerability (CVE-2025-2825) 🚨 If you're using CrushFTP, check your version! A critical flaw allows unauthorized access via open HTTP(S) ports. 36,000 servers are exposed, with 3400 vulnerable. Update to v10.8.4+ or v11.3.1+ ASAP or enable DMZ for mitigation. #hack

    @Stenkof200

    30 Mar 2025

    37 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) - Help Net Security https://t.co/ws45NO2qOA

    @PVynckier

    30 Mar 2025

    215 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. Modat Magnify Alert: We’ve identified ~2,500 exposed CrushFTP instances worldwide. According to @Shadowserver ~1,800 may be vulnerable to CVE-2025-2825 (CVSS 9.8) — an auth bypass via HTTP(S) that can be exploited. https://t.co/TYQQbwss1F #ModatMagnify #crushftp #infosec #cve

    @modat_magnify

    28 Mar 2025

    57 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🚨 CVE-2025-2825: CrushFTP Authentication Bypass (CVSS 9.8) 🚨 A critical auth bypass in CrushFTP 10.0.0–10.8.3 and 11.0.0–11.3.0 allows remote attackers to gain full access using S3-style headers. The flaw stems from improper handling of authentication flags—letting attackers h

    @pdiscoveryio

    28 Mar 2025

    925 Impressions

    5 Retweets

    16 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  36. 🚨 Breaking: CrushFTP's latest feature? Unauthenticated Access! Just kidding – but CVE-2025-2825 sure makes it seem so. Check out the full exploit review before your server parties like it's 1999: https://t.co/Xwcjir2O0b #CyberSecurity #CVE2025_2825 😎 https://t.co/KpsBVIj5EQ

    @InezVlasblom

    27 Mar 2025

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. Our Indicators of Compromise blog post for CVE-2025-2825, an authentication bypass affecting #CrushFTP. https://t.co/1F0WfFhwlA

    @Horizon3Attack

    27 Mar 2025

    6964 Impressions

    41 Retweets

    67 Likes

    35 Bookmarks

    1 Reply

    0 Quotes

  38. 🚨 CVE-2025-2825 ⚠️🔴 CRITICAL (9.8) 🏢 CrushFTP - CrushFTP 🏗️ 11.0.0 🔗 https://t.co/D5Ve1CpEyu 🔗 https://t.co/fw2zKcPM2x 🔗 https://t.co/piHgBpXSL8 #CyberCron #VulnAlert #InfoSec https://t.co/H2yqIqkVQb

    @cybercronai

    27 Mar 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. CVE-2025-2825: Critical flaw in CrushFTP allows unauthenticated remote access. Patch immediately—attackers can bypass authentication completely. Details: https://t.co/6fPA7nNVkF #CyberSecurity #PatchNow

    @adriananglin

    27 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. #CrushFTP: Patch critical #vulnerability ASAP! (#CVE-2025-2825) https://t.co/0auqLymTXk

    @ScyScan

    27 Mar 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) https://t.co/H0Xzncn0xl #HelpNetSecurity #Cybersecurity https://t.co/D8WTiqMRuS

    @PoseidonTPA

    27 Mar 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨CVE-2025-2825: Unauthenticated HTTP(S) port access on CrushFTPv10/v11 CVSS: 9.8 https://t.co/nmQIp3mRu4

    @DarkWebInformer

    26 Mar 2025

    5905 Impressions

    19 Retweets

    47 Likes

    13 Bookmarks

    0 Replies

    1 Quote

  43. CVE-2025-2825 CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access. Remote and unauthenticated … https://t.co/4uOX9h5biW

    @CVEnew

    26 Mar 2025

    259 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. It's been 5 days since CrushFTP publicly disclosed a new vulnerability. But no CVE assignment. It's within VulnCheck CNA scope to assign so we figured it would be helpful (see: CVE-2025-2825). Sent CrushFTP a courtesy email. 🤷‍♂️ https://t.co/ItNo2ea5f3

    @Junior_Baines

    26 Mar 2025

    10917 Impressions

    14 Retweets

    45 Likes

    11 Bookmarks

    2 Replies

    1 Quote

  45. New post from https://t.co/uXvPWJy6tj (CVE-2025-2825 | CrushFTP up to 10.8.3/11.3.0 HTTP Request improper authentication) has been published on https://t.co/5lDSTXCceS

    @WolfgangSesin

    26 Mar 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. [CVE-2025-2825: CRITICAL] Critical vulnerability in CrushFTP versions 10.0.0-10.8.3 & 11.0.0-11.3.0 allows unauthenticated access. Attackers can exploit this flaw remotely through HTTP requests.#cybersecurity,#vulnerability https://t.co/I9jAkmyBur https://t.co/p2amrFVxFe

    @CveFindCom

    26 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes