  - THECYBERTHRONE.IN - Top Stories - 22/Jul 02:31

CVE-2025-54309 – Critical Authentication Bypass in CrushFTP

Overview: CVE-2025-54309 is a critical security vulnerability in the CrushFTP Managed File Transfer Server, allowing unauthenticated remote attackers to completely bypass authentication and gain administrator-level access to the web interface.…

Similar articles

CVE-2025-54309 – Critical Authentication Bypass in CrushFTP

thecyberthrone.in - 22/Jul 02:31

Overview: CVE-2025-54309 is a critical security vulnerability in the CrushFTP Managed File Transfer Server, allowing unauthenticated remote attackers...

CrushFTP zero-day actively exploited at least since July 18

securityaffairs.co - 22/Jul 10:31

Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a...

New CrushFTP zero-day exploited in attacks to hijack servers

bleepingcomputer.com - 18/Jul 22:24

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain...

CVE-2025-25257 Critical FortiWeb SQL Injection Leading to RCE

thecyberthrone.in - 14/Jul 10:54

🔐 Vulnerability Summary. 📌 Description: This vulnerability allows unauthenticated remote attackers to perform SQL injection attacks on FortiWeb...

CISA adds CVE-2025-53770 SharePoint Vulnerability to KEV

thecyberthrone.in - 21/Jul 03:03

Summary: A critical remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint Server (on-premises versions only). The...

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

securityaffairs.co - 22/Jul 07:28

Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices let attackers bypass authentication and access the web interface. HPE disclosed...

CVE-2025-20337: Cisco ISE Critical RCE Vulnerability

thecyberthrone.in - 18/Jul 04:49

Summary: CVE-2025-20337 is a critical remote code execution (RCE) vulnerability affecting Cisco Identity Services Engine (ISE) and Cisco ISE...

CVE-2025-47812 Wing FTP Server RCE Vulnerability

thecyberthrone.in - 12/Jul 08:00

Summary. Vulnerability Details: CVE-2025-47812 is a vulnerability in the login handling mechanism of Wing FTP Server that allows unauthenticated...

Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution

itsecuritynews.info - 13/Jul 10:32

Security researchers have identified a severe pre-authentication SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector, designated as...