URL has been copied successfully!
CrushFTP zero-day exploited in attacks to gain admin access on servers
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

CrushFTP zero-day exploited in attacks to gain admin access on servers


Tags: , , , , , ,

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/crushftp-zero-day-exploited-in-attacks-to-gain-admin-access-on-servers/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Russian APT RomCom combines Firefox and Windows zero-day flaws in drive-by exploit
  2. CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild
  3. China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
  4. Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)