Two critical vulnerabilities have been identified in widely used software: CrushFTP and Next.js. CrushFTP, a file transfer solution, contains a vulnerability allowing unauthorized access through standard web ports, bypassing security measures. Additionally, Next.js, a popular React framework, suffers from CVE-2025-29927, which enables attackers to circumvent authorization checks in middleware. Both vulnerabilities pose significant risks, potentially […]
The post CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access appeared first on Cyber Security News.
This article has been indexed from Cyber Security News