Vulnerabilities in CrushFTP
5 results

CVE-2025-31161 (CRITICAL)
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy insta
EPSS 100.0%, KEV

CVE-2024-4040 (CRITICAL)
Unauthenticated arbitrary file read and remote code execution in CrushFTP
EPSS 99.5%, KEV

CVE-2025-54309 (CRITICAL)
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows
EPSS 92.0%, KEV

CVE-2025-32103 (MEDIUM)
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files ac
EPSS 12.2%

CVE-2025-32102 (MEDIUM)
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request
EPSS 5.7%