Wing FTP Server Vulnerability Let Attackers Take Full Server Control

CVE-2025-47812 is a critical remote code execution (RCE) vulnerability in Wing FTP Server 7.4.3 and earlier, caused by NULL byte injection in the /loginok.html endpoint. The flaw stems from improper NULL byte handling in the server’s authentication mechanism, which lets attackers inject arbitrary Lua code and execute system commands with elevated privileges. The exploit mechanism leverages the server’s Lua scripting engine, which Wing FTP Server uses internally for various operations. The injected code can execute arbitrary operating system commands, such as id, which returns user information on Unix-like systems. The impact is particularly severe because Wing FTP Server typically runs with elevated privileges: as root on Linux systems and as NT AUTHORITY\SYSTEM on Windows. The attack vector is especially dangerous for servers configured to allow anonymous FTP access, since that provides a completely unauthenticated path to system compromise. Organizations should also review their FTP server configurations and consider network-level protections such as firewalls and intrusion detection systems to monitor for exploitation attempts targeting this vulnerability.
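As an added example (not code from the article or from Wing FTP Server), the two checks a defender would want for a NULL-byte flaw in a login handler: a server-side guard that rejects any login field decoding to an embedded NUL, and a scan over constructed log lines that flags POSTs to /loginok.html carrying one. The log format and the field names username/password are assumptions; the page does not name them.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed sample lines in a simplified "combined log + request body" format.
# These are not real Wing FTP Server logs; the field names are assumed.
SAMPLE_LOG = """\
203.0.113.5 - - [03/Jul/2025:09:25:22 +0000] "POST /loginok.html HTTP/1.1" 200 512 "username=alice&password=s3cret"
203.0.113.9 - - [03/Jul/2025:09:26:01 +0000] "POST /loginok.html HTTP/1.1" 200 512 "username=anonymous%00junk&password=x"
198.51.100.2 - - [03/Jul/2025:09:27:14 +0000] "GET /index.html HTTP/1.1" 200 1024 "-"
"""

# client ip, method, path, body (body is "-" when absent)
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\w+) (\S+) [^"]*" \d+ \d+ "([^"]*)"$')


def contains_nul(raw_value: str) -> bool:
    """True if the still-URL-encoded form value decodes to bytes containing NUL.
    Decoding to bytes (not str) keeps %00 visible exactly as the server sees it."""
    return b"\x00" in unquote_to_bytes(raw_value)


def credential_is_clean(raw_value: str) -> bool:
    """Server-side guard: refuse any login field with an embedded NUL byte.
    A C-style string check stops at the NUL; a scripting layer that does not
    would see the bytes after it, which is the mismatch the advisory describes."""
    return not contains_nul(raw_value)


def scan_log(text: str, login_path: str = "/loginok.html") -> list:
    """Flag POSTs to the login endpoint whose body fields decode to a NUL byte.
    Returns one (client_ip, field_name) tuple per suspicious field."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, path, body = m.groups()
        if method != "POST" or path != login_path or body == "-":
            continue
        # Split without decoding so the percent-encoding reaches contains_nul intact.
        for pair in body.split("&"):
            name, _, raw = pair.partition("=")
            if contains_nul(raw):
                hits.append((ip, name))
    return hits


if __name__ == "__main__":
    for ip, field in scan_log(SAMPLE_LOG):
        print(f"suspicious login from {ip}: NUL byte in field '{field}'")
```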

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Jul 2025 09:25:22 +0000

