The vulnerability tracked as CVE-2025-54309 impacts CrushFTP. It allows an attacker to bypass some authentication mechanisms and lead to remote code execution.
Stormhield Network Security (SNS) appliance protects you from that attack, thanks to a dedicated IPS signature.
To work efficiently the HTTPS trafic must be decrypted.
| ID | Name |
| http:client.109 | Exploitation of a CrushFTP authentication bypass (CVE-2025-54309) |