CVE-2025-31161
⚠ KEVEPSS 88.9%CrushFTP Authentication Bypass Vulnerability
加入 CISA KEV 日:2025/4/7
描述
CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise.
受影響套件(0)
OSV 沒有提供套件對應。