How severe is CVE-2025-32103?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2025-32103?

This is classified as CWE-40, which is a common weakness in software security.

CVE-2025-32103

MEDIUM Year: 2025

CVSS v3 Score

5.0

Medium

Weakness Type

CWE-40

View all →

Vulnerability Description

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions.

CVE-2023-29446

MEDIUM

CVSS:4.7(Medium)

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and po...

CWE-402023

CVE-2023-29446

MEDIUM

CVSS:4.7(Medium)

CWE-402023

CVE-2025-32103

Vulnerability Description

Related Vulnerabilities

CVE-2023-29446

CVE-2023-29446