CVE-2025-2825
Published Mar 26, 2025
Last updated 17 days ago
AI description
CVE-2025-2825 affects CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. This vulnerability allows unauthenticated remote attackers to gain unauthorized access to the CrushFTP server. Specifically, unauthenticated HTTP requests can be made to the CrushFTP server, potentially leading to complete system compromise, unauthorized access to sensitive data, data theft or manipulation, and a breach of confidentiality, integrity, and availability.
- Description: Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-31161. Reason: This Record is a reservation duplicate of CVE-2025-31161. Notes: All CVE users should reference CVE-2025-31161 instead of this Record. All references and descriptions in this Record have been removed to prevent accidental usage.
- Source: cve@mitre.org
- NVD status: Rejected
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 7
GitHub - ghostsec420/ShatteredFTP: Shattered is a tool and POC for the new CrushedFTP vulns, CVE Exploit Script: CVE-2025-2825 vs CVE-2025-31161 https://t.co/EsmLV1fo1b
@akaclandestine
20 Apr 2025
2063 Impressions
11 Retweets
42 Likes
18 Bookmarks
0 Replies
0 Quotes
[1Day1Line] CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP via Parameter Overloading https://t.co/riCEAUO6Db Hello. Today’s 1Day1Line is about a CrushFTP vulnerability that sparked controversy after being assigned two CVEs — CVE-2025-31161 and CVE-2025-2825.
@hackyboiz
19 Apr 2025
930 Impressions
5 Retweets
11 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨 New plugin for CrushFTP's CVE-2025-2825/CVE-2025-31161 is up. While enumerating users to validate vulnerable instances we noticed a pattern. It's on all instances we scanned for, can you see it? What do you make of it? https://t.co/YpesS10A1N
@leak_ix
11 Apr 2025
1007 Impressions
4 Retweets
7 Likes
7 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2825
@transilienceai
8 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CrushFTP vulnerability CVE-2025-2825 is under active exploitation, with attackers bypassing authentication to gain unauthorized access to file transfer servers. Early disclosure missteps and confusion around CVE identifiers made things worse, allowing attackers to act faster. htt
@Shift6Security
7 Apr 2025
54 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2825
@transilienceai
6 Apr 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
me releases a new poc: POC: ```bash curl xxx/etc/passwd?raw&import?? ``` cve-2025-2825
@__trainee
6 Apr 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2825
@transilienceai
6 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2825
@transilienceai
5 Apr 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
We wrote up what @HuntressLabs has been seeing for the CrushFTP authentication bypass: CVE-2025-31161 (or CVE-2025-2825, whichever side of the bed you woke up on) leading to MeshCentral agents, AnyDesk, and neato "TelegramBot" malware. Patch plz! ✌️ https://t.co/Ax4cJjgONF https:
@_JohnHammond
4 Apr 2025
9463 Impressions
31 Retweets
166 Likes
28 Bookmarks
2 Replies
0 Quotes
FTP, FTPS, SFTP, HTTP, HTTPS, and WebDAV, the CrushFTP tool is designed to use multiple protocols in many OS. SMEs around the world are affected by disclosed 🚨CVE-2025-2825 🚨 https://t.co/xxncBcSlIQ https://t.co/9lE6yOOPaj
@madalin_staniu
4 Apr 2025
30 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CrushFTP under attack 💥 CVE-2025-2825 = critical auth bypass (CVSS 9.8) 📣 Disclosure drama: duplicate CVEs, public fights, & PoC leaks ⚠️ Exploits are active—1,500+ servers exposed Sloppy coordination = faster threats. #Infosec #CrushFTP 👉 https://t.co/yGFhOvNjXM
@bjgreenberg
4 Apr 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy - (CVE-2025-31161 vs. CVE-2025-2825) https://t.co/89A8CpEzLo
@SecurityWeek
3 Apr 2025
1697 Impressions
11 Retweets
15 Likes
2 Bookmarks
1 Reply
0 Quotes
⚠️ A critical vulnerability in #CrushFTP (CVE-2025-2825) is being exploited in the wild. Over 1,500 servers remain exposed. Urgent patching required. Read more: https://t.co/IXXINCoNl7 #CyberSecurity #InfoSec #CVE2025
@threatsbank
3 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat actors are exploiting CVE-2025-2825, a critical authentication bypass flaw (CVSS 9.8) in CrushFTP, using exploits based on publicly available proof-of-concept code. Learn about the vulnerability, affected versions, & how to detect and mitigate it: https://t.co/zBybnpnw
@qualys
3 Apr 2025
494 Impressions
2 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical auth bypass vulnerability CVE-2025-2825 in #CrushFTP is now exploited in cyber attacks: #CyberSecurity #CyberAttacks https://t.co/d8fGHRshBL
@step9consulting
2 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical authentication bypass vulnerability in CrushFTP is now being exploited in attacks (CVE-2025-2825) https://t.co/p28cQyKCeW #Security #セキュリティ #ニュース
@SecureShield_
2 Apr 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2825
@transilienceai
2 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical #CrushFTP vulnerability (CVE-2025-2825) actively exploited. Over 1,500 unpatched instances worldwide. Update to version 11.3.1 immediately to secure your systems. #CyberSecurity #InfoSec https://t.co/ZaFsMpoq0W https://t.co/KJD6Ma9l7g
@dailytechonx
1 Apr 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CrushFTP flaw 🚨 CVE-2025-2825 is actively exploited 😱, allowing unauthenticated access to servers. Patch now 🔧 to prevent breaches! Details: https://t.co/cExsawddW9 #CyberSecurity #PatchNow 🛡️
@_F2po_
1 Apr 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical auth bypass vulnerability (CVE-2025-2825) in CrushFTP allows remote access for unauthenticated users on unpatched versions. Over 1,500 servers are at risk. 💻⚠️ #CrushFTP #RemoteAccess #USA link: https://t.co/IkYtLTx6hI https://t.co/ROTGOSiiVR
@TweetThreatNews
1 Apr 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) https://t.co/fv37awtx8i #HelpNetSecurity #Cybersecurity https://t.co/vBx0GxVflg
@PoseidonTPA
1 Apr 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The CrushFTP vulnerability CVE-2025-2825 (CVSS score 9.8) has begun to be exploited in attacks. Reported by Shadowserver. Observed on honeypots. https://t.co/dh5wMBSvqa
@__kokumoto
1 Apr 2025
695 Impressions
0 Retweets
3 Likes
1 Bookmark
1 Reply
0 Quotes
CrushFTP CVE-2025-2825 flaw actively exploited in the wild https://t.co/Fn0hRgpyv1
@hackplayers
1 Apr 2025
421 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CrushFTP Vulnerability Under Attack: Over 1,500 Servers at Risk Hackers are actively exploiting a newly discovered authentication bypass flaw (CVE-2025-2825) in CrushFTP, a widely used file transfer solution. ( Happy New Month #AprilFoolsDay Eid Mubarak )
@PsalmWell
1 Apr 2025
96 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
1 Quote
CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. https://t.co/qyj56WI1bR https://t.co/aUSE1iJ8Zg
@persistsec
1 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2025-2825: Unauthenticated HTTP(S) port access on CrushFTPv10-v11 CVE-2024-4040 Severity: 🔴 High Maturity: 💥 Mainstream Learn more: https://t.co/WswOdXmMW4 #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
1 Apr 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Full technical analysis of CrushFTP CVE-2025-2825 here c/o @the_emmons — looks like Project Discovery came to the same conclusions we did independently (we tend to not publish these on Fridays :) https://t.co/5t6rkiFd3q
@catc0n
31 Mar 2025
434 Impressions
4 Retweets
9 Likes
2 Bookmarks
0 Replies
0 Quotes
CrushFTP actively exploited via CVE-2025-2825: Unauthenticated RCE now has public PoC & Nuclei template. Attackers compromising servers globally. Technical details: https://t.co/X7pjE0RgnU #CyberSecurity #0Day
@adriananglin
31 Mar 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-2825 : Remote and unauthenticated HTTP requests to CrushFTP may allow attackers to gain unauthorized access. 🧐Deep Dive :https://t.co/cWoab3rxs9 📊 102.4K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/OpFcAmqXXM 👇Query
@HunterMapping
31 Mar 2025
6429 Impressions
37 Retweets
120 Likes
72 Bookmarks
0 Replies
0 Quotes
CVE-2025-2825: CrushFTP Unauthenticated Access Vulnerability https://t.co/y5bBK2zOCG
@_cvereports
30 Mar 2025
6 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CrushFTP Vulnerability (CVE-2025-2825) 🚨 If you're using CrushFTP, check your version! A critical flaw allows unauthorized access via open HTTP(S) ports. 36,000 servers are exposed, with 3400 vulnerable. Update to v10.8.4+ or v11.3.1+ ASAP or enable DMZ for mitigation. #hack
@Stenkof200
30 Mar 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) - Help Net Security https://t.co/ws45NO2qOA
@PVynckier
30 Mar 2025
215 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Modat Magnify Alert: We’ve identified ~2,500 exposed CrushFTP instances worldwide. According to @Shadowserver ~1,800 may be vulnerable to CVE-2025-2825 (CVSS 9.8) — an auth bypass via HTTP(S) that can be exploited. https://t.co/TYQQbwss1F #ModatMagnify #crushftp #infosec #cve
@modat_magnify
28 Mar 2025
57 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-2825: CrushFTP Authentication Bypass (CVSS 9.8) 🚨 A critical auth bypass in CrushFTP 10.0.0–10.8.3 and 11.0.0–11.3.0 allows remote attackers to gain full access using S3-style headers. The flaw stems from improper handling of authentication flags—letting attackers h
@pdiscoveryio
28 Mar 2025
925 Impressions
5 Retweets
16 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 Breaking: CrushFTP's latest feature? Unauthenticated Access! Just kidding – but CVE-2025-2825 sure makes it seem so. Check out the full exploit review before your server parties like it's 1999: https://t.co/Xwcjir2O0b #CyberSecurity #CVE2025_2825 😎 https://t.co/KpsBVIj5EQ
@InezVlasblom
27 Mar 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Our Indicators of Compromise blog post for CVE-2025-2825, an authentication bypass affecting #CrushFTP. https://t.co/1F0WfFhwlA
@Horizon3Attack
27 Mar 2025
6964 Impressions
41 Retweets
67 Likes
35 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-2825 ⚠️🔴 CRITICAL (9.8) 🏢 CrushFTP - CrushFTP 🏗️ 11.0.0 🔗 https://t.co/D5Ve1CpEyu 🔗 https://t.co/fw2zKcPM2x 🔗 https://t.co/piHgBpXSL8 #CyberCron #VulnAlert #InfoSec https://t.co/H2yqIqkVQb
@cybercronai
27 Mar 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2825: Critical flaw in CrushFTP allows unauthenticated remote access. Patch immediately—attackers can bypass authentication completely. Details: https://t.co/6fPA7nNVkF #CyberSecurity #PatchNow
@adriananglin
27 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#CrushFTP: Patch critical #vulnerability ASAP! (#CVE-2025-2825) https://t.co/0auqLymTXk
@ScyScan
27 Mar 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) https://t.co/H0Xzncn0xl #HelpNetSecurity #Cybersecurity https://t.co/D8WTiqMRuS
@PoseidonTPA
27 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-2825: Unauthenticated HTTP(S) port access on CrushFTPv10/v11 CVSS: 9.8 https://t.co/nmQIp3mRu4
@DarkWebInformer
26 Mar 2025
5905 Impressions
19 Retweets
47 Likes
13 Bookmarks
0 Replies
1 Quote
CVE-2025-2825 CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access. Remote and unauthenticated … https://t.co/4uOX9h5biW
@CVEnew
26 Mar 2025
259 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
It's been 5 days since CrushFTP publicly disclosed a new vulnerability. But no CVE assignment. It's within VulnCheck CNA scope to assign so we figured it would be helpful (see: CVE-2025-2825). Sent CrushFTP a courtesy email. 🤷‍♂️ https://t.co/ItNo2ea5f3
@Junior_Baines
26 Mar 2025
10917 Impressions
14 Retweets
45 Likes
11 Bookmarks
2 Replies
1 Quote
New post from https://t.co/uXvPWJy6tj (CVE-2025-2825 | CrushFTP up to 10.8.3/11.3.0 HTTP Request improper authentication) has been published on https://t.co/5lDSTXCceS
@WolfgangSesin
26 Mar 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-2825: CRITICAL] Critical vulnerability in CrushFTP versions 10.0.0-10.8.3 & 11.0.0-11.3.0 allows unauthenticated access. Attackers can exploit this flaw remotely through HTTP requests.#cybersecurity,#vulnerability https://t.co/I9jAkmyBur https://t.co/p2amrFVxFe
@CveFindCom
26 Mar 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes