Aggregator
CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild
A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation.
Background
On July 18, CrushFTP published an update to its CrushWiki detailing the discovery and exploitation of a zero-day in its CrushFTP software:
CVE | Description | CVSSv3
CVE-2025-54309 | CrushFTP Unprotected Alternate Channel Vulnerability | 9.0
Tenable’s Research Special Operations (RSO) team is monitoring for any further developments surrounding CVE-2025-54309. We have classified it as a Vulnerability of Interest (VOI).
Analysis
CVE-2025-54309 is an unprotected alternate channel vulnerability in CrushFTP. The vulnerability exists because of a mishandling of validation in Applicability Statement 2 (AS2), a protocol for transporting critical data. A remote, unauthenticated attacker could exploit this vulnerability to obtain administrative access through CrushFTP.
Zero-day exploitation detected on July 18, 2025
According to CrushFTP, CVE-2025-54309 was first discovered as being exploited as a zero-day by unknown threat actors on July 18 at 9AM CST. However, they caution that exploitation may have “been going on for longer.”
CrushFTP says attackers reviewed recent patch to uncover zero-day
In addition to confirming exploitation of this flaw, CrushFTP says that attackers appear to have discovered it by reverse engineering its code to find a bug that is fixed in the latest versions of its software.
Historical exploitation of CrushFTP
Since 2024, there have been two vulnerabilities exploited in the wild against CrushFTP. CVE-2024-4040, a sandbox escape flaw in CrushFTP’s virtual file system (VFS) sandbox, was exploited against multiple U.S. entities.
In May 2025, CVE-2025-31161, a critical authentication bypass vulnerability in CrushFTP, first identified as CVE-2025-2825 and subsequently rejected, was exploited in the wild after it was publicly disclosed.
Proof of concept
At the time this blog post was published, there was no proof-of-concept (PoC) for CVE-2025-54309.
Solution
The following are the affected and fixed versions of CrushFTP:
Affected Versions | Fixed Versions
10.8.4 and below | 10.8.5
11.3.4_22 and below | 11.3.4_23
Additionally, CrushFTP included some indicators of compromise (IOCs) and mitigation techniques in its Crush11Wiki update on July 18.
As a reminder, CrushFTP will stop supporting CrushFTP v10 in March 2026.
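An added inventory check (not code from Tenable or CrushFTP) that encodes the version table above, assuming CrushFTP version strings take the forms shown ("10.8.4", "11.3.4_22") and that the "_NN" suffix is a build number that sorts after the bare release:

```python
import re
from typing import Dict, List, Optional, Tuple

# Fixed releases from the advisory table, keyed by major branch.
# Assumption: only the 10.x and 11.x branches are covered by the advisory.
FIXED: Dict[int, Tuple[int, int, int, int]] = {
    10: (10, 8, 5, 0),    # 10.8.4 and below affected, 10.8.5 fixed
    11: (11, 3, 4, 23),   # 11.3.4_22 and below affected, 11.3.4_23 fixed
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '11.3.4_22' into (11, 3, 4, 22); a missing '_NN' build counts as 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised CrushFTP version: {text!r}")
    major, minor, patch, build = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0))


def is_affected(text: str) -> Optional[bool]:
    """True if below the fixed release for its branch, False if at or above it,
    None when the major branch is not listed in the advisory."""
    v = parse_version(text)
    fixed = FIXED.get(v[0])
    if fixed is None:
        return None
    return v < fixed


# Constructed sample inventory (hostname -> reported CrushFTP version).
SAMPLE_INVENTORY: Dict[str, str] = {
    "ftp-a": "10.8.4",
    "ftp-b": "10.8.5",
    "ftp-c": "11.3.4_22",
    "ftp-d": "11.3.4_23",
    "ftp-e": "9.0.0",
}


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Bucket hosts into affected / fixed / unknown so patching can be prioritised."""
    out: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        status = is_affected(version)
        key = "unknown" if status is None else ("affected" if status else "fixed")
        out[key].append(host)
    return out
```

Hosts in the "affected" bucket should be upgraded to the fixed release for their branch and reviewed against the vendor's published IOCs, since the flaw was exploited before the patch was widely applied.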
Identifying affected systems
A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2025-54309 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.
Get more information
Join Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
Meituan, JD.com and Ele.me summoned by regulators; Unitree Robotics begins pre-IPO counseling; NBA star Jordan's mansion listed on Airbnb | GeekPark Morning Brief (极客早知道)
Sichuan technology company penalized for a data leak after failing to fulfil its network security protection obligations
lockc: Making containers more secure with eBPF and Linux Security Modules
lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated...
The post lockc: Making containers more secure with eBPF and Linux Security Modules appeared first on Penetration Testing Tools.
INC
CVE-2025-37105 | HPE AutoPass License Server up to 9.17 hsqldb code injection (EUVD-2025-21734)
CVE-2025-53908 | rommapp romm up to 3.10.2/4.0.0-beta2 /api/raw path traversal (GHSA-fx9g-xw4j-jwc3)
CVE-2025-51630 | TOTOLINK N350RT 9.3.5u.6139_B20201216 setIpPortFilterRules ePort buffer overflow (EUVD-2025-21773)
Exploring the frontier of AI security research: InForSec summer camp mentors meet participants face to face at Xidian University, registration now open!
U.S. rail critical infrastructure system vulnerability exposed; 6.5 million records stolen from UK retailer | Weekly Special
CVE-2024-41068 | Linux Kernel up to 6.9.10 s390 lib/list_debug.c sclp_init state issue (Nessus ID 207884 / WID-SEC-2024-1722)
CVE-2024-41065 | Linux Kernel up to 6.9.10 pseries mm/usercopy.c information disclosure (Nessus ID 207773 / WID-SEC-2024-1722)
CVE-2024-41063 | Linux Kernel up to 6.9.10 hci_unregister_dev deadlock (Nessus ID 208953 / WID-SEC-2024-1722)
CVE-2024-41061 | Linux Kernel up to 6.9.10 AMD Display dml2_calculate_rq_and_dlg_params array index (94166fe12543/0ad4b4a2f635 / Nessus ID 210060)
Security, AI Oversight Are Flashpoints in Draft Defense Bill
Washington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of a nearly $900 billion defense bill that spotlights needs for cybersecurity and artificial intelligence technology.
Texas Drug, Alcohol Testing Firm Hack Affects Nearly 750,000
A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people.