CrushFTP, LLC A.I CyberSecurity Scoring
CrushFTP, LLC
Company Information
Website:https://www.crushftp.com/
Employees number:3
Number of followers:81
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:crushftp.com
CrushFTP, LLC Risk Score (AI oriented)
Between 700 and 749
CrushFTP, LLCIT Services and IT Consulting
Updated:
04/04/2026
04/04/2026
747/1000
Moderate
Ba
CrushFTP, LLC Global Score (TPRM)
xxxx
CrushFTP, LLCIT Services and IT Consulting
Score locked
CrushFTP, LLCModerate
Current Score
747Ba (MODERATE)
01000
2 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026
747
MAY 2026
747
APRIL 2026
747
MARCH 2026
747
FEBRUARY 2026
746
JANUARY 2026
746
DECEMBER 2025
745
NOVEMBER 2025
745
OCTOBER 2025
745
SEPTEMBER 2025
745
AUGUST 2025
744
JULY 2025
744
JUNE 2025
749
Vulnerability
16 Jun 2025 • CrushFTP, LLC
CrushFTP
Zero-Day Vulnerability in CrushFTP (CVE-2025-54309)
743
CRITICAL-6
CRU243073125
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309 and scoring a critical 9.8 on the CVSS scale, stems from a fundamental breakdown in security checks within CrushFTP’s DMZ proxy configuration. Security researchers have already released proof-of-concept exploit code, significantly raising the urgency for organizations running CrushFTP to implement immediate protective measures.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
MAY 2025
750
Vulnerability
01 May 2025 • CrushFTP, LLC
CrushFTP
CrushFTP Zero-Day Vulnerability Exploitation (CVE-2025-54309)
748
LOW-2
CRU709072025
CrushFTP is warning about a zero-day vulnerability (CVE-2025-54309) that allows attackers to gain administrative access via the web interface on vulnerable servers. The vulnerability was first detected on July 18th, but it may have been exploited earlier. A prior fix inadvertently blocked this vulnerability, but threat actors reverse-engineered the software and began exploiting it on unpatched systems. Systems kept up to date are not vulnerable. Indicators of compromise include unexpected entries in user.XML and new, unrecognized admin-level usernames. It is unclear if the attacks were used for data theft or to deploy malware, but similar platforms have been targeted by ransomware gangs for mass data theft and extortion attacks.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CrushFTP, LLC ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in May 2026 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in April 2026 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in March 2026 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in February 2026 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in January 2026 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in December 2025 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in November 2025 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in October 2025 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in September 2025 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in August 2025 ??
What was CrushFTP, LLC's A.I Rankiteo Cyber Score in July 2025 ??
What is the average per-incident point impact on CrushFTP, LLC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CrushFTP, LLC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CrushFTP, LLC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?