Introduction to CrushFTP Security
CrushFTP is a Java-based open source file transfer system offered for multiple operating systems. However, its security has been compromised in the past due to serious vulnerabilities such as CVE-2024-4040 and CVE-2025-31161. Meanwhile, a new threat has emerged in the form of brute-force attacks targeting lazily configured systems.
Understanding the Brute-Force Attack
The current attacks involve simple brute-forcing, looking for systems with weak configurations. For example, the requests seen right now are POST requests with the username and password passed as GET parameters. Additionally, the body of the request is empty.
These attacks originate from a French IP address with a history of exploit attempts targeting simple vulnerabilities. Therefore, it is essential to take proactive measures to secure your CrushFTP instance.
Securing Your CrushFTP Instance
To protect your system, ensure that you configure a strong admin user during setup. Meanwhile, avoid using suggested usernames like ‘crushadmin’ or ‘admin’, and never use the same username as the password. Furthermore, consider implementing additional security measures such as two-factor authentication.
Finally, stay informed about potential vulnerabilities and updates to ensure the security of your CrushFTP instance.
Conclusion and Call to Action
In conclusion, protecting your CrushFTP instance from brute-force attacks requires proactive measures. Therefore, take the necessary steps to secure your system and stay vigilant about potential threats.







