CVE-2025-2825

UNKNOWN
Published 2025-03-26T15:58:14.218Z
Available Exploits

CrushFTP - Authentication Bypass

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access. Remote and unauthenticated HTTP requests to CrushFTP may allow attackers to gain unauthorized access.

ID: CVE-2025-2825
Authors: parthmalhotra, Ice3man, DhiyaneshDk, pdresearch
Severity: Critical

Related News

Imperva Customers Are Protected Against CVE-2025-31161 in CrushFTP

Introduction A critical security vulnerability, identified as CVE-2025-31161 (previously tracked as CVE-2025-2825), has been discovered in CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. This flaw allows unauthenticated remote attackers to …

Imperva.com 2025-04-10 19:05

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done…

Help Net Security 2025-04-01 15:35

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825, in the CrushFTP file…

Securityaffairs.com 2025-04-01 14:09

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

ENISA Analysis

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability in the S3 authorization header processing that allows authentication bypass. Remote and unauthenticated HTTP requests to CrushFTP with known usernames can be used to impersonate a user and conduct actions on their behalf, including administrative actions and data retrieval.
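Two triage checks that follow directly from the ENISA description above, written here as an added example (not CrushFTP's code and not any vendor tooling): first, whether a CrushFTP version string falls inside the two affected ranges; second, a scan of HTTP access records for requests that carry an S3-style (AWS SigV4) Authorization header naming a CrushFTP username, which is the header the advisory says is mishandled. The log format and the sample lines are constructed for this example; the path `/WebInterface/function/` and the usernames are assumptions, and a real deployment would point the regex at whatever its proxy or CrushFTP log actually records.

```python
"""Triage helpers for CVE-2025-2825 / CVE-2025-31161 (CrushFTP S3 auth bypass).

Added example, not CrushFTP's code. The log line format below is constructed
for illustration; adapt LOG_RE to your proxy or CrushFTP HTTP log format.
"""
from __future__ import annotations

import re
from typing import Iterable

# Affected ranges taken from the advisory text, both ends inclusive.
AFFECTED_RANGES = (
    ((10, 0, 0), (10, 8, 3)),
    ((11, 0, 0), (11, 3, 0)),
)


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn '11.3.0' (or '11.3.0_12', build suffix ignored) into (11, 3, 0)."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def is_affected(version: str) -> bool:
    """True if the version lies in 10.0.0-10.8.3 or 11.0.0-11.3.0."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


# Constructed log format: "<timestamp> <client-ip> <method> <path> auth="<Authorization value>"".
LOG_RE = re.compile(
    r'^(?P<ts>\S+)\s+(?P<ip>\S+)\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+auth="(?P<auth>[^"]*)"'
)

# AWS Signature V4 header shape: "AWS4-HMAC-SHA256 Credential=<access-key>/<date>/<region>/<service>/aws4_request, ..."
# The advisory says CrushFTP treats the first Credential component as a username.
S3_AUTH_RE = re.compile(r"AWS4-HMAC-SHA256\s+Credential=(?P<user>[^/\s,]+)/")


def find_s3_auth_requests(lines: Iterable[str]) -> list[dict[str, str]]:
    """Return one record per request whose Authorization header is S3/SigV4-style.

    Each record carries the timestamp, client IP, request path and the username
    named in the Credential field, so hits can be correlated against the list of
    known accounts and against source addresses that should never speak S3.
    """
    hits: list[dict[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than crash mid-scan
        s3 = S3_AUTH_RE.search(m["auth"])
        if not s3:
            continue  # Basic, cookie or no auth: not the header of interest
        hits.append(
            {"ts": m["ts"], "ip": m["ip"], "path": m["path"], "user": s3["user"]}
        )
    return hits


# Constructed sample input (IPs from documentation ranges, signatures are placeholders).
SAMPLE_LOG = [
    '2025-03-31T09:12:01Z 203.0.113.5 GET /WebInterface/function/ auth="AWS4-HMAC-SHA256 '
    'Credential=crushadmin/20250331/us-east-1/s3/aws4_request, SignedHeaders=host, Signature=deadbeef"',
    '2025-03-31T09:12:05Z 198.51.100.7 GET /WebInterface/ auth="Basic YWxpY2U6cGFzcw=="',
    '2025-03-31T09:12:09Z 203.0.113.5 POST /WebInterface/function/ auth="AWS4-HMAC-SHA256 '
    'Credential=alice/20250331/us-east-1/s3/aws4_request, SignedHeaders=host, Signature=cafebabe"',
    "garbage line that does not match the expected format",
]


if __name__ == "__main__":
    for ver in ("10.8.3", "10.8.4", "11.3.0", "11.3.1"):
        print(f"CrushFTP {ver}: {'AFFECTED' if is_affected(ver) else 'not in affected range'}")
    for hit in find_s3_auth_requests(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} -> S3-style auth as user {hit['user']!r} on {hit['path']}")
```

A SigV4 Authorization header is legitimate traffic from real S3 clients, so a hit is a triage signal rather than proof of exploitation: the interesting cases are hits whose Credential names a CrushFTP account (especially an administrative one) from a source that has no business using the S3 API, on a host whose version `is_affected` reports as in range.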

Affected Products (ENISA)

crushftp

ENISA Scoring

CVSS Score (3.1)

9.8 / 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Data provided by ENISA EU Vulnerability Database. Last updated: April 2, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-g533-46g7-g2f9

Advisory Details

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access. Remote and unauthenticated HTTP requests to CrushFTP may allow attackers to gain unauthorized access.

CVSS Scoring

CVSS Score

9.0 (as listed by the advisory; note that the vector below evaluates to 9.8 under the CVSS 3.1 formula, matching the ENISA score above)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Advisory provided by GitHub Security Advisory Database. Published: March 26, 2025, Modified: April 2, 2025

Published: 2025-03-26T15:58:14.218Z
Last Modified: 2025-04-04T19:48:00.370Z