CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, CrushFTP mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-54309 | CrushFTP Unprotected Alternate Channel Vulnerability | exploitation_technique | T1068 | Exploitation for Privilege Escalation | Improper validation of AS2 messages in CrushFTP without DMZ proxy enabled was reported to be exploited to bypass authentication and gain administrative access over HTTPS, leading to system compromise, data exfiltration, and lateral movement. |
| CVE-2025-54309 | CrushFTP Unprotected Alternate Channel Vulnerability | primary_impact | T1567 | Exfiltration Over Web Service | Improper validation of AS2 messages in CrushFTP without DMZ proxy enabled was reported to be exploited to bypass authentication and gain administrative access over HTTPS, leading to system compromise, data exfiltration, and lateral movement. |
| CVE-2025-54309 | CrushFTP Unprotected Alternate Channel Vulnerability | secondary_impact | T1021 | Remote Services | Improper validation of AS2 messages in CrushFTP without DMZ proxy enabled was reported to be exploited to bypass authentication and gain administrative access over HTTPS, leading to system compromise, data exfiltration, and lateral movement. |