HomeCVE Intelligence › CVE-2025-31161
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Vulnerability

CVE-2025-31161: Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara D…

<!-SC_OFF --><div class="md"><p>Head over to Netomize's blog to learn about how we detect the exploitation of the CrushFTP Vulnerability (CVE-2025-31161) with PacketSmith's Ya…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2025-31161
Vendorreddit_netsec
Affected ProductThreat Intelligence
Vulnerability TypeVulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via reddit_netsec)

🔬 Technical Analysis

<!-- SC_OFF --><div class="md"><p>Head over to Netomize's blog to learn about how we detect the exploitation of the CrushFTP Vulnerability (CVE-2025-31161) with PacketSmith's Yara detection module, using the newly introduced track_state and flow_state keywords to the correlation engine.</p> </div><!-- SC_ON -->   submitted by   <a href="https://www.reddit.com/user/MFMokbel"> /u/MFMokbel </a> <br/> <span><a href="https://blog.netomize.ca/detecting-exploitation-of-crushftp-vulnerability-cve-2025-31161-with-packetsmith-yara-detection-module-using-track-state-and-flow-state">[link]</a></span>   <span><a href="https://www.reddit.com/r/

🎯 Known Indicators of Compromise

{"type":"url","value":"https://www.reddit.com/user/MFMokbel">","confidence_score":0.82,"first_seen":"2026-05-15","source_count":1} {"type":"url","value":"https://blog.netomize.ca/detecting-exploitation-of-crushftp-vulnerability-cve-2025-31161-with-packet","confidence_score":0.82,"first_seen":"2026-05-15","source_count":1} {"type":"url","value":"https://www.reddit.com/r/netsec/comments/1td2igk/detecting_exploitation_of_crushftp_vulnerability/&q","confidence_score":0.82,"first_seen":"2026-05-15","source_count":1} {"type":"domain","value":"www.reddit.com","confidence_score":0.75,"first_seen":"2026-05-15","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2025-31161 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence