CVE-2025-2825

Sažetak

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability in the S3 authorization header processing that allows authentication bypass. Remote and unauthenticated HTTP requests to CrushFTP with known usernames can be used to impersonate a user and conduct actions on their behalf, including administrative actions and data retrieval.

Reference

https://attackerkb.com/topics/k0EgiL9Psz/cve-2025-2825/rapid7-analysis
https://projectdiscovery.io/blog/crushftp-authentication-bypass
https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/main/http/cves/2025/CVE-2025-2825.yaml
https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
https://www.rapid7.com/blog/post/2025/03/25/etr-notable-vulnerabilities-in-next-js-cve-2025-29927/
https://www.runzero.com/blog/crushftp/
https://projectdiscovery.io/blog/crushftp-authentication-bypass

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

01-04-2025 - 19:15

Objavljeno

26-03-2025 - 16:15