Monsta FTP Remote Code Execution Vulnerability CVE-2025-34299 Discovered
First seen 23 Nov 2025, 03:35 UTC
•
•80% similarity
•55.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A critical remote code execution vulnerability (CVE-2025-34299) has been identified in Monsta FTP, a web-based file transfer client, allowing unauthenticated attackers to execute arbitrary code on affected systems. The flaw arises from improper handling of user input during file downloads, endangering thousands of servers. Researchers have confirmed that this vulnerability is being actively exploited in the wild.
ThreatCluster AI