What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
This article details a pre-authenticated Remote Code Execution vulnerability (CVE-2025-34299) found in Monsta FTP, a web-based FTP client. Despite attempts to patch, the vulnerability persisted in later versions until version 2.11.3 was released on August 26, 2025.