Hackers Exploit Critical CrushFTP Zero-Day to Compromise Servers
A critical flaw in CrushFTP (CVE-2025-54309) is actively exploited, allowing remote attackers to gain admin access on unpatched servers, especially affecting sensitive environments. The vulnerability, present in versions before 10.8.5 and 11.3.4_23, involves mishandling AS2 validation and can be exploited via HTTP(S). Organizations are advised to review logs, restrict IPs, and update to mitigate risks, as multiple CVEs have targeted CrushFTP recently.