Crushftp Security Vulnerabilities (CVEs)

Track 7 security vulnerabilities affecting Crushftp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

4 Critical

3 Medium

Sort by:

🔔 Get Alerts for Crushftp

CVE-2025-63419 6.1

This CVE describes a Cross-Site Scripting (XSS) vulnerability in CrushFTP's file sharing feature where malicious filenames are reflected in email bodi...

Nov 12, 2025

CVE-2025-63420 4.1

CVE-2025-63420 is a stored HTML injection vulnerability in CrushFTP11's admin panel that allows attackers to inject malicious HTML into the 'Who Creat...

Nov 7, 2025

CVE-2025-54309 9.0

This vulnerability in CrushFTP allows remote attackers to bypass AS2 validation and gain administrative access via HTTPS when the DMZ proxy feature is...

Jul 18, 2025

CVE-2025-32103 5.0

CVE-2025-32103 is a directory traversal vulnerability in CrushFTP that allows attackers to bypass SecurityManager restrictions and read files accessib...

Apr 15, 2025

CVE-2025-31161 9.8

This critical authentication bypass vulnerability in CrushFTP allows unauthenticated attackers to gain administrative access by exploiting a race cond...

Apr 3, 2025

CVE-2024-53552 9.8

This vulnerability in CrushFTP allows attackers to bypass password reset mechanisms, potentially leading to complete account takeover. It affects Crus...

Dec 10, 2024

CVE-2024-4040 9.8

CVE-2024-4040 is a critical server-side template injection vulnerability in CrushFTP that allows unauthenticated attackers to read files outside the s...

Apr 22, 2024

Why Monitor Crushftp Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 7+ known vulnerabilities affecting Crushftp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Crushftp packages in under 60 seconds. No agents required - completely agentless scanning that works across Crushftp deployments.

Free vulnerability database: Access detailed information about every Crushftp CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Crushftp CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Crushftp CVEs Free