CrushFTP zero-day exploited in attacks to gain admin access on servers

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. [...]

https://www.bleepingcomputer.com/news/security/crushftp-zero-day-exploited-in-attacks-to-gain-admin-access-on-servers/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog