A newly disclosed authentication bypass vulnerability (CVE-2025-2825) in CrushFTP file transfer software enables attackers to gain complete control of servers without valid credentials. The vulnerability affects versions 10.0.0 through 11.3.0 of the popular enterprise file transfer solution, exposing organizations to data theft and system compromise. The Exploit: Bypassing Security in 3 Steps Security researchers have […] The post CrushFTP Vulnerability Lets Hackers Bypass Security and Seize Server Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/crushftp-vulnerability/
