Wing FTP Server Vulnerability List
Found 4 vulnerabilities related to Wing FTP Server
- Wing FTP Server authentication bypass leading to remote code execution (CVE-2025-47812) [No POC]
  An authentication bypass in Wing FTP Server leads to remote code execution; an attacker can execute system commands and obtain server privileges.
- CVE-2025-47812: Wing FTP Server <= 7.4.3 - Remote Code Execution [POC]
  Wing FTP Server versions prior to 7.4.4 are vulnerable to an unauthenticated remote code execution (RCE) flaw (CVE-2025-47812). The vulnerability arises from improper NULL byte handling in the 'username' parameter during login, which allows Lua code injection into session files. These injected session files are executed when accessing authenticated endpoints such as /dir.html, resulting in arbitrary command execution with elevated privileges. This attack is possible only when anonymous login is enabled on the server.
- CVE-2025-47813: Wing FTP Server <= 7.4.3 - Path Disclosure via Overlong UID Cookie [POC]
  Wing FTP Server versions prior to 7.4.4 are vulnerable to an authenticated information disclosure vulnerability (CVE-2025-47813). The vulnerability occurs due to improper validation of the 'UID' session cookie in the /loginok.html endpoint. Supplying an overlong UID value causes the server to respond with an error that includes the full local filesystem path. This can aid in further exploitation (e.g., CVE-2025-47812) by revealing the application’s file system layout.
- Wing FTP Server /loginok.html code execution vulnerability (CVE-2025-47812) [No POC]
  The /loginok.html file in Wing FTP Server has a remote code execution vulnerability. An attacker can execute arbitrary code on an affected server through a specially crafted request, which may lead to serious consequences such as complete server takeover, data leakage and system crashes.