CVE-2025-63419
- EPSS 0.03%
- Published 12.11.2025 00:00:00
- Last modified 14.11.2025 16:42:30
Cross Site Scripting (XSS) vulnerability in CrushFTP 11.3.6_48. The web-based server has a file-sharing feature that reflects the filename into an email body field without sanitization, leading to HTML injection.
CVE-2025-63420
- EPSS 0.04%
- Published 07.11.2025 00:00:00
- Last modified 12.11.2025 16:20:22
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Reports / "Who Created Folder"), enabling persistent HTML execution in admin sessions.
CVE-2025-54309
- EPSS 49.64%
- Published 18.07.2025 00:00:00
- Last modified 05.11.2025 19:25:42
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.
- EPSS 0.51%
- Published 15.04.2025 00:00:00
- Last modified 03.11.2025 20:18:26
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions.
- EPSS 0.1%
- Published 15.04.2025 00:00:00
- Last modified 03.11.2025 20:18:26
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI.
CVE-2025-31161
- EPSS 86.55%
- Published 03.04.2025 00:00:00
- Last modified 31.10.2025 22:04:34
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A r...
CVE-2025-2825
- EPSS 5.28%
- Published 26.03.2025 15:58:14
- Last modified 02.04.2025 21:15:33
CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability in the S3 authorization header processing that allows authentication bypass. Remote and unauthenticated HTTP requests to CrushFTP with known usernames c...
CVE-2024-11986
- EPSS 1.11%
- Published 13.12.2024 14:15:21
- Last modified 13.12.2024 14:15:21
Improper input handling in the 'Host Header' allows an unauthenticated attacker to store a payload in web application logs. When an Administrator views the logs using the application's standard functionality, it enables the execution of the payload, ...
CVE-2024-53552
- EPSS 0.23%
- Published 10.12.2024 02:15:17
- Last modified 27.06.2025 17:58:40
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
CVE-2024-22910
- EPSS 0.37%
- Published 14.05.2024 14:58:26
- Last modified 13.06.2025 12:52:26
Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and v.10.5.5 allows an attacker to execute arbitrary code via a crafted payload.