Security News

Cybersecurity news aggregator

⚔️
CRITICAL Attacks Reddit r/netsec

Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state

exploitationdetectionftpcve-2025-31161kev-boosted
The article describes a method for detecting exploitation of a critical CrushFTP vulnerability (CVE-2025-31161, CVSS 9.8) using PacketSmith's Yara module with new `track_state` and `flow_state` keywords. The vulnerability affects CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. The NVD data indicates the fixes are available in versions 10.8.4 and 11.3.1.
Read Full Article →

Head over to Netomize's blog to learn about how we detect the exploitation of the CrushFTP Vulnerability (CVE-2025-31161) with PacketSmith's Yara detection module, using the newly introduced track_state and flow_state keywords to the correlation engine. submitted by /u/MFMokbel [link] [comments]

Related Articles

HIGH A fake FileZilla site hosts a malicious download Malwarebytes Labs CRITICAL CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws CSO Online CRITICAL Unknown attackers exploit yet another critical SharePoint bug The Register Security CRITICAL Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) Help Net Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn