Introduction A critical security vulnerability, identified as CVE-2025-31161 (previously tracked as CVE-2025-2825), has been discovered in CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. This flaw allows unauthenticated remote attackers to access unpatched CrushFTP servers if they’re publicly exposed over HTTP(S). The vulnerability has been actively exploited since March 2025, underscoring the urgency for […]
The post Imperva Customers Are Protected Against CVE-2025-31161 in CrushFTP appeared first on Blog.
This article has been indexed from Blog