A critical vulnerability (CVE-2025-47812) in Wing FTP Server allows unauthenticated attackers to achieve complete server control. The vulnerability affects all versions up to 7.4.3 and has a maximum CVSSv4 score of 10.0. The flaw stems from improper NULL byte handling, which lets attackers inject arbitrary Lua code and execute system commands with elevated privileges. Its impact is particularly severe because Wing FTP Server typically runs with elevated privileges, so successful exploitation results in complete administrative control over the affected server.
Source: https://cybersecuritynews.com/wing-ftp-server-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/darkwebinformer
{
  "id": "dar354070325",
  "linkid": "darkwebinformer",
  "type": "Vulnerability",
  "date": "7/2025",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}
{
  "affected_entities": [
    {"name": "Organizations running Wing FTP Server", "type": "Organization"}
  ],
  "attack_vector": "NULL byte injection in /loginok.html endpoint",
  "date_publicly_disclosed": "2025-05-14",
  "description": "A newly disclosed critical vulnerability in Wing FTP Server has been assigned CVE-2025-47812 with a maximum CVSSv4 score of 10.0, allowing unauthenticated attackers to achieve complete server control.",
  "impact": {
    "operational_impact": "Complete administrative control over the affected server",
    "systems_affected": "Wing FTP Server"
  },
  "initial_access_broker": {"entry_point": "/loginok.html endpoint"},
  "motivation": "Complete server takeover with root/SYSTEM privileges",
  "post_incident_analysis": {
    "corrective_actions": "Proper input validation to prevent NULL byte injection attacks",
    "root_causes": "Improper NULL byte handling in the server's authentication mechanism"
  },
  "recommendations": [
    "Update to version 7.4.4 immediately",
    "Review anonymous access configurations",
    "Implement network-level protections such as firewalls and intrusion detection systems"
  ],
  "references": [{"source": "Wing FTP Server team"}],
  "response": {
    "containment_measures": "Update to version 7.4.4",
    "enhanced_monitoring": "Implement network-level protections such as firewalls and intrusion detection systems",
    "remediation_measures": "Review anonymous access configurations"
  },
  "title": "Critical RCE Vulnerability in Wing FTP Server (CVE-2025-47812)",
  "type": "Vulnerability Exploitation",
  "vulnerability_exploited": "CVE-2025-47812"
}