View Attach (1) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
 minor_update.jpg 356.6 kB 1 05-Dec-2023 05:32 Ada Csaba

This page (revision-65) was last changed on 18-Jul-2025 16:52 by Ben Spink

This page was created on 05-Dec-2023 05:32 by Ben Spink

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed 2 lines
!!!__CrushFTP 11.0.0 to 11.3.0 are vulnerable. Update to 11.3.1+ immediately.__
!!!__CrushFTP 10.0.0 to 10.8.3 are vulnerable. Update to 10.8.4+ immediately.__
!!!__CrushFTP 11.0.0 to 11.3.4 are vulnerable. Update to 11.3.4_23+ immediately.__
!!!__CrushFTP 10.0.0 to 10.8.4 are vulnerable. Update to 10.8.5+ immediately.__
At line 7 changed one line
Setting the flag "daily_check_and_auto_update_on_idle" to true in prefs.XML of CrushFTP v11.2.3_19+ will do automated daily checks and updates.
In your Preferences, Updates, enable "Major Release Versions".
At line 14 changed one line
__March 21, 2025 - Unauthenticated HTTP(S) port access on CrushFTPv10/v11 (CVE: CVE-2025-31161)__\\
__July 18th, 2025 - Unauthenticated HTTP(S) access using kown usernames(CVE: CVE-2025-54309)__\\
See more info here: [CompromiseJuly2025]
----
March 21, 2025 - Unauthenticated HTTP(S) port access on CrushFTPv10/v11 (CVE: CVE-2025-31161)\\
At line 16 changed one line
10.8.4 and 11.3.1 were published on 3/21/2025 and your CrushFTP instances would have notified you within a day of the new version if you are not blocking access to our update servers. Staying up to date is critical on an internet facing server.
10.8.4 and 11.3.1 were published on 3/21/2025 and your CrushFTP instances would have notified you within a day of the new version if you are not blocking access to our update servers. Staying up to date is critical on an internet facing server.\\
A good explanation of the whole exploit in the wild and why it happenned.\\
[https://www.darkreading.com/vulnerabilities-threats/disclosure-drama-clouds-crushftp-vulnerability-exploitation]\\
Version Date Modified Size Author Changes ... Change note
65 18-Jul-2025 16:52 6.065 kB Ben Spink to previous
64 18-Jul-2025 16:50 5.927 kB Ben Spink to previous | to last
63 04-Apr-2025 13:45 6.005 kB Ben Spink to previous | to last
62 02-Apr-2025 03:23 5.805 kB Ben Spink to previous | to last
61 01-Apr-2025 14:13 5.556 kB Ben Spink to previous | to last
« This page (revision-65) was last changed on 18-Jul-2025 16:52 by Ben Spink
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
LeftMenu

JSPWiki