CrushFTP Vulnerability Exploited Following Disclosure Issues

April 3, 2025
CrushFTP Vulnerability Exploited Following Disclosure Issues
  1. Home
  2. News
  3. CrushFTP Vulnerability Exploited Following Disclosure Issues

A critical authentication bypass vulnerability in CrushFTP, identified as CVE-2025-31161, has been actively exploited by remote attackers following a mishandled disclosure process.

The flaw, which allows unauthenticated access to devices running unpatched versions of CrushFTP v10 or v11, has a CVSSv3.1 severity score of 9.8.

Security analysts at Outpost24 said they originally discovered the vulnerability and sought to follow a responsible disclosure timeline, working with MITRE to secure a CVE on March 13, 2025.

They coordinated with CrushFTP under an agreed 90-day non-disclosure period to ensure users had sufficient time to patch before details became public.

However, the disclosure process was disrupted when another company, VulnCheck, published a separate CVE – CVE-2025-2825 –  allegedly without consulting Outpost24 or CrushFTP. This led to the vulnerability becoming widely known before users could update their systems, resulting in active exploitation.

Over 1500 vulnerable instances have been identified online by the Shadowserver Foundation.

Tags:

No tags.

JikGuard.com, a high-tech security service provider focusing on game protection and anti-cheat, is committed to helping game companies solve the problem of cheats and hacks, and providing deeply integrated encryption protection solutions for games.

Explore Features>>

Top

Top Mobile Game Security: Essential Solutions to Protect Your Game
Top Mobile Game Security: Essential Solutions to Protect Your Game
May 7, 2025
None
Mastering String Encryption: Protect Your Games from Hackers
May 7, 2025
None
JNI Protection in Games
May 7, 2025
None
Bungie's content cycling on Destiny 2 causes legal kerfuffle in plagiarism suit
May 6, 2025
None
NCSoft invests in TX-based studio founded by id, Naughty Dog alums
May 6, 2025

Tags

Featured BlogsTop StoriesLayoffsBlogsCultureFeaturesGenerative AIGDC 2024Horror GamesUnityUbisoftValveStaff BlogOmdia | Game Industry AnalysisGame Developer EssentialsState of the Game Industry ReportGame Developer's 2024 Wrap-Up: Top Games Devs and TrendsGame Developer CollectiveAudioDesignerSpotlight SeriesDeep Divesunity encryption[Company] UnityArtist[Company] Xbox[Company] PlayStationCooking GamesAnti-modifierGame SecurityRootRoot detectionAssetbundle encryptionGodotCareer adviceQ&A'sGameGuardianModifierAnti-RootSignature verificationUnity Hardeningab package encryptioniOS resource encryptionCECheat EngineAnti-CrackingGame Anti-HackingAnti-Hacking

Recent

Top Mobile Game Security: Essential Solutions to Protect Your Game
Top Mobile Game Security: Essential Solutions to Protect Your Game
May 7, 2025
None
Mastering String Encryption: Protect Your Games from Hackers
May 7, 2025
None
JNI Protection in Games
May 7, 2025
None
Bungie's content cycling on Destiny 2 causes legal kerfuffle in plagiarism suit
May 6, 2025
None
NCSoft invests in TX-based studio founded by id, Naughty Dog alums
May 6, 2025
None
Microsoft's Q3 report shows slight Xbox growth as fresh price hikes loom
May 2, 2025
None
GTA VI has been delayed until 2026 but now has an actual release date
May 2, 2025
None
Vox sells Polygon to Valnet in a blow to video game market
May 2, 2025
None
Compulsion Games boss: Generative AI usage 'is not mandated' at Xbox
May 2, 2025
None
'It was really wearing people down:' The funding challenges that followed 'runaway success' Another Crab's Treasure
May 1, 2025

Popular

None
Xbox is increasing hardware prices and bumping first-party titles to $80
May 1, 2025
None
Report: Russia aims to seize assets of former Wargaming subsidiary Lesta Studio
April 30, 2025
None
Report: EA lays off hundreds of workers after canceling games at Respawn Entertainment
April 30, 2025
None
'We are frustrated:' ZeniMax union workers continue to pressure Microsoft over contract negotiations
April 30, 2025
None
Unity Protection: Comprehensive Strategies for Securing Your Game
April 29, 2025
None
Game Anti-Repackaging: The Ultimate Protection for Developers and Publishers
April 29, 2025
None
Game SSL Pinning: A Vital Shield for Unreal Engine Cheat Protection
April 29, 2025
None
Roblox, Discord sued for 'facilitating the sexual exploitation' of a minor
April 29, 2025
None
Journey developer thatgamecompany to co-host game jam with $10,000 prize pool
April 28, 2025
None
Unreal Engine Protection: Ensuring Game Security and Preventing Cheating
April 27, 2025

Random

None
Microsoft's Q3 report shows slight Xbox growth as fresh price hikes loom
May 2, 2025
None
Report: Russia aims to seize assets of former Wargaming subsidiary Lesta Studio
April 30, 2025
None
Tenderfoot Tactics developer pulls title from Xbox to support pro-Palestine boycott
April 25, 2025
None
Report: Meta has laid off over 100 Reality Labs employees
April 25, 2025
None
GTA VI has been delayed until 2026 but now has an actual release date
May 2, 2025
None
Exploring Memory Protection in Gaming: Key Techniques and Solutions
April 27, 2025
None
Journey developer thatgamecompany to co-host game jam with $10,000 prize pool
April 28, 2025
None
IO Interactive co-founder launches new 'consensus'-driven studio
April 25, 2025
None
App Shield: The Ultimate Solution for Mobile Game Protection
April 24, 2025
None
Nintendo tells customers in Japan to expect Switch 2 hardware shortage at launch
April 23, 2025

Most Views

None
Game Code Obfuscation: Essential Techniques and Tools for Developers
April 24, 2025
None
Anti Decompile: The Ultimate Game Protection Strategy
April 24, 2025
None
App Shield: The Ultimate Solution for Mobile Game Protection
April 24, 2025
None
Top-Rated App Protect Solutions for Mobile Game Developers: Ensure Security and Fair Play
April 24, 2025
None
Discord names former Activision Blizzard and King exec as its new CEO
April 24, 2025
None
Huge donation will help The Strong preserve the history of defunct Saints Row developer Volition
April 24, 2025
None
The Big Con developer Mighty Yell confirms layoffs
April 24, 2025
None
Top Mobile App Security Solution: Protecting Your Applications in 2025
April 23, 2025
None
Steam users will soon be able to search for games based on accessibility features
April 23, 2025
None
Nintendo tells customers in Japan to expect Switch 2 hardware shortage at launch
April 23, 2025