Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
CrushFTP Server Server-Side Request Forgery (SSRF) Vulnerability - CVE-2025-32102 - Vulnerability Database
CrushFTP Server

CrushFTP Server Server-Side Request Forgery (SSRF) Vulnerability - CVE-2025-32102

Medium
Reference: CVE-2025-32102
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-32102
Title: CrushFTP Server Server-Side Request Forgery (SSRF) Vulnerability
Overview:

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a commandtelnetSocket request to the /WebInterface/function/ URI.