CVE-2025-31161 · CISA KEV: Actively Exploited

CrushFTP Authentication Bypass Vulnerability

Published Apr 7, 2025 · Updated Apr 7, 2025

Description

CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise.

Public Exploits & PoCs (16 found)

PoC: CVE-2025-31161

CVE-2025-31161, a critical authentication bypass vulnerability in CrushFTP WebInterface. This tool allows security researchers to scan for vulnerable instances and verify the security posture of CrushFTP servers.

PoC: CVE-2025-31161

CVE-2025-31161

PoC: CVE-2025-31161

Wrote an exploit in Go for CVE-2025-31161 affecting CrushFTP.

PoC: CVE-2025-31161

A proof of concept for CVE-2025-31161, using a mangled HTTP header to perform unauthenticated impersonation of any user in a CrushFTP server.

PoC: CVE-2025-31161

PoC Authentication Bypass to RCE to Exploit CVE-2025-31161

PoC: CVE-2025-31161

Scans a target to see if it's vulnerable to CVE-2025-31161

PoC: CVE-2025-31161

Authentication bypass vulnerability in versions of the CrushFTP server.

PoC: CVE-2025-31161

PoC CVE-2025-31161 - Authentication Bypass CrushFTP

PoC: CVE-2025-31161

CrushFTP 11.3.1 - Authentication Bypass

PoC: Blackash-CVE-2025-31161

CVE-2025-31161

PoC: Blackash-CVE-2025-31161

CVE-2025-31161

PoC: CVE-2025-31161

🛡️ CVE-2025-31161 - CrushFTP User Creation Authentication Bypass Exploit

PoC: CVE-2025-31161_exploit

CVE-2025-31161 python exploit

PoC: Nuclei_CVE-2025-31161_CVE-2025-2825

Official Nuclei template for CVE-2025-31161 (formerly CVE-2025-2825)

PoC: CVE-2025-31161

CrushFTP CVE-2025-31161 Exploit Tool 🔓

PoC: CVE-2025-31161

Proof of Concept for CVE-2025-31161 / CVE-2025-2825
