Top File Transfer Tool CrushFTP Says a Thousand Servers Are Still Vulnerable to Cyberattack, so Patch Now

Top file transfer tool CrushFTP says a thousand servers are still vulnerable to cyberattack, so patch now

Older versions granted attackers admin access via HTTPS.

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface.

CrushFTP Zero-Day Exploit Leaves Thousands Of Servers Vulnerable To Hijacking

CrushFTP, a service that provides users with secure file server software, has recently been targeted by hackers. Unfortunately, it seems as if some customers have been compromised, with thousands of servers still vulnerable to being attacked, according to the non-profit Shadowserver Foundation. Although the company says it has remedied the

File transfer company CrushFTP warns of zero-day exploit seen in the wild

The popular file transfer company CrushFTP has discovered a previously unknown vulnerability being exploited by hackers.

New CrushFTP Critical Vulnerability Exploited in the Wild

CVE-2025-54309 could allow remote attackers to obtain admin access via HTTPS This article has been indexed from www.infosecurity-magazine.com Read the original article: New CrushFTP Critical Vulnerability Exploited in the Wild Read more → The post New CrushFTP Critical Vulnerability Exploited in the Wild appeared first on IT Security News.