CrushFTP Reviews & Product Details

Easy to install and has a lot of features. Review collected by and hosted on G2.com.

The server is guaranteed to be hacked sooner or later. Even in the DMZ, with DMZ features, with a firewall in front of it and host-based IPS. The history of CrushFTP has shown that the developers have no idea about security. Take a look at the CVEs of CrushFTP and see how easy it is to take over the entire server as soon as an exploit is available, the server is usually hacked within a few hours or days.

In addition, the communication of CrushFTP is miserable. As an example of CVE-2025-31161, there is still no information in the changelog. CVE-2025-31161 has a CVSS score of 9.8.

In the wiki of CrushFTP there are also updates about vulnerabilities, but certainly the wrong place to publish security relevant information.

For the vulnerability CVE-2025-31161 it was stated that there is no exploit in the wild and the vulnerability is not exploited, and the vulnerability did not work in the DMZ with the DMZ features, so CrushFTP does not give out exact information. However, one of our servers was compromised long ago. Review collected by and hosted on G2.com.

Crush FTP Is a product I use daily and is easy to implement and upgrade, The Buying Process is easy and registration is done very quickly, Uses FTP,FTPS and SFTP over web and client connections so easy to integrate with internal MIS Systems. I Found the Support very good the only time I had to use them. Review collected by and hosted on G2.com.

Licenses bought in 10, 50 or unlimited but Low cost of product so could be worse Review collected by and hosted on G2.com.

Easy to setup and configure, web based console and upgrades are a copy and paste of config files to new installastion Review collected by and hosted on G2.com.

Do lose the prior license details as required for any upgrades, such as due to recent vunerability Review collected by and hosted on G2.com.

Application stability and SSH connection, transfer files and control panel with specific functions for all client-server needs. Review collected by and hosted on G2.com.

Integrating into OS is complicated by older versions in newer versions. Review collected by and hosted on G2.com.

It's pretty easy to use and the navigation panes make sense for the most part. Duplicating users is painless which is nice if you're creating multiple accounts with the same access requirements Review collected by and hosted on G2.com.

It is entirely dependent on Java which has moved to a subscription model beginning Jan, 2019. The aesthetics are a bit dated, and the support can be hit or miss.

When we updated from version 7 to version 8 the product broke and spits out errors when we try to run it as a service. Now we just have to keep a user logged in to the server running it as a temporary server under his account. Their support hasn't been very helpful resolving the errors.

A few weeks after we upgraded, version 9 was available but when I attempted to purchase, then site just sat at a spinning wheel saying not to close or refresh the page. When I came back the following day it was on the same screen and the purchase never went through. Haven't tried again yet to upgrade again. Review collected by and hosted on G2.com.