A important distant code execution vulnerability in Monsta FTP, a well-liked web-based FTP shopper utilized by monetary establishments and enterprises worldwide.
The flaw, now tracked as CVE-2025-34299, impacts a number of variations of the software program and has been exploited within the wild.
Monsta FTP is a browser-based file switch shopper that permits customers to handle recordsdata on distant servers with out devoted FTP software program.
With a minimum of 5,000 cases uncovered on the web, the platform serves a various person base, together with monetary organizations and huge enterprises.
The Vulnerability and Patch Accessible
The safety flaw permits attackers to attain pre-authenticated distant code execution on susceptible Monsta FTP servers.
WatchTowr Labs researchers found that regardless of builders including intensive enter validation capabilities in latest updates, important vulnerabilities remained unpatched throughout a number of variations.
The assault works by means of a easy three-step course of: An attacker methods Monsta FTP into connecting to a malicious SFTP server. Downloads a crafted payload file.
Writes that file to an arbitrary path on the goal server. This grants full management over the susceptible system.
CVE IDVulnerability TypeAffected VersionStatusExploitationCVE-2025-34299Remote Code Execution (RCE)Monsta FTP ≤ 2.11.2Patched in v2.11.3 (Aug 26, 2025)Energetic exploitation within the wild
The vulnerability impacts variations 2.10.3 by means of 2.11, and researchers discovered that beforehand reported safety flaws have been by no means correctly fastened.
WatchTower Labs Evaluation revealed minimal code modifications between variations 2.10.3 and a couple of.10.4, leaving identified vulnerabilities intact with model updates.
Monsta FTP launched model 2.11.3 on August 26, 2025, which addresses this important vulnerability.
Organizations operating Monsta FTP ought to instantly improve to the newest model to guard their techniques.
The invention highlights ongoing safety challenges in web-based file administration techniques, significantly when legacy vulnerabilities persist regardless of a number of software program updates.
Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.
