CrushFTP Bruteforce Attacks Target Known Vulnerabilities
Published March 3, 2026
CVE-2025-54309
High Active CVE
What Is This?
Attackers are conducting bruteforce scans against CrushFTP systems targeting multiple serious vulnerabilities including template injection and authentication bypass flaws. The July 2025 zero-day CVE-2025-54309 was actively exploited.
