Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of 9.8 and poses an immediate threat to organizations running vulnerable CrushFTP installations. Authentication Bypass Leads […]
The post CrushFTP Hit by Critical 0-Day RCE Vulnerability – Full Technical Details and PoC Published appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform