S4E

CVE-2025-31161 Scanner

CVE-2025-31161 Scanner - Unauthorized Admin Access vulnerability in CrushFTP

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 20 days
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

CrushFTP is a secure file transfer software product used by businesses and organizations worldwide. It provides a robust framework for secure file hosting, sharing, and synchronization over a range of protocols. The software is widely used across industries because of its flexibility and ease of use, making it a popular choice for companies that need a reliable file transfer solution. Its feature set lets users manage large numbers of user accounts, employ secure encryption protocols, and integrate with existing authentication systems. It is particularly favored in environments where data transfer security is paramount; businesses reliant on file exchange, such as financial institutions, healthcare providers, and legal firms, commonly deploy CrushFTP.

The vulnerability in question is an Unauthorized Admin Access flaw in affected versions of CrushFTP. It allows attackers to gain unauthorized access to the platform by exploiting weaknesses in its authentication mechanism. The flaw arises when the software mishandles authorization tokens, which malicious actors can exploit to bypass authentication and obtain administrative privileges. Given the critical data the software manages, the threat is severe and requires immediate attention and remediation. The exposure spans multiple versions of CrushFTP.

Technical details show that the vulnerability is triggered through specific HTTP requests that manipulate authentication cookies. By crafting requests to the WebInterface function of CrushFTP, attackers manipulate the authorization mechanism, exploiting predictable patterns in token generation to have unauthorized commands executed. This can expose user data and configuration settings. Detailed examination indicates that the malicious requests are structured as GET requests embedding malformed authentication data.

Potential effects of this vulnerability include unauthorized data access, service disruption, and compromised data integrity. Exploitation may give attackers complete control of the CrushFTP server, enabling data theft or loss and possible service outages. Sensitive information such as user credentials, customer data, and configuration files could be extracted or altered. Organizations relying heavily on CrushFTP face significant risk, including reputational damage and legal consequences. Rapid mitigation and application of security patches are imperative to thwart exploitation.
