CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
"Wing FTP Server contains a generation of error messages containing sensitive information vulnerability when using a long value in the UID cookie. The endpoint at "/loginok.html" does not properly validate the value of the "UID" session cookie. As a result, if the supplied value is longer than the maximum path size of the underlying operating system, it triggers an error message that discloses the full local server path."
"Successful exploits can allow an authenticated attacker to get the local server path of the application, which can help in exploiting vulnerabilities like CVE-2025-47812. According to details shared by Huntress, attackers have leveraged it to download and execute malicious Lua files, conduct reconnaissance, and install remote monitoring and management software."
CISA has added CVE-2025-47813 to its Known Exploited Vulnerabilities catalog. It is a medium-severity information disclosure flaw affecting Wing FTP Server versions prior to 7.4.4: when the "UID" session cookie sent to "/loginok.html" is longer than the operating system's maximum path length, the server returns an error message that discloses the application's full installation path. The vulnerability was responsibly disclosed by RCE Security researcher Julien Ahrens and patched in version 7.4.4, released in May 2025. The same release also addresses CVE-2025-47812, a critical remote code execution bug that has been actively exploited since July 2025; attackers have used it to download and execute malicious Lua files, conduct reconnaissance, and install remote monitoring and management software. Because the path disclosure tells an attacker where the application lives on disk, the lower-severity flaw can serve as a stepping stone for exploiting the critical one, so both should be treated as fixed only by upgrading to 7.4.4 or later.
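The advisory describes a clear trigger condition (a UID cookie longer than the OS path limit, sent to /loginok.html), which makes the behaviour easy to hunt for in access logs. The following Python is an added example written for this page; it is not Wing FTP Server code and is not taken from CISA or The Hacker News. It assumes a hypothetical reverse-proxy log format in which the Cookie header is written as the last quoted field, and it uses Windows MAX_PATH (260) and Linux PATH_MAX (4096) as the thresholds; the sample log lines are constructed, and the regex should be adapted to whatever log source actually sits in front of the server. A small version check for the "prior to 7.4.4" affected range is included as well.

```python
"""Hunt for oversized UID cookies sent to /loginok.html (CVE-2025-47813 trigger condition).

Added example for this page; not Wing FTP Server code and not from the advisory.
Assumes a hypothetical access-log format: client, ident, user, [timestamp],
"request line", status, "Cookie header". Adjust LINE_RE for your real logs.
"""
import re
from dataclasses import dataclass

# Assumed OS path limits used as detection thresholds (Windows MAX_PATH, Linux PATH_MAX).
PATH_LIMITS = {"windows": 260, "linux": 4096}

# Constructed sample log lines (not real traffic). Second line carries a 600-byte UID,
# third line carries the same oversized cookie but to a different endpoint.
_LONG_UID = "A" * 600
SAMPLE_LOG = "\n".join([
    '203.0.113.7 - - [12/Dec/2025:10:01:02 +0000] "GET /loginok.html HTTP/1.1" 200 "UID=abc123def456; lang=en"',
    f'203.0.113.7 - - [12/Dec/2025:10:01:03 +0000] "GET /loginok.html HTTP/1.1" 500 "UID={_LONG_UID}"',
    f'198.51.100.9 - - [12/Dec/2025:10:01:04 +0000] "GET /index.html HTTP/1.1" 200 "UID={_LONG_UID}"',
])

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) "(?P<cookies>[^"]*)"$'
)
UID_RE = re.compile(r'(?:^|;\s*)UID=([^;]*)')


@dataclass
class Finding:
    ip: str
    ts: str
    uid_len: int
    status: int


def uid_cookie_length(cookie_header: str) -> int:
    """Length of the UID cookie value, or 0 if the header has no UID cookie."""
    m = UID_RE.search(cookie_header)
    return len(m.group(1)) if m else 0


def find_oversized_uid(log_text: str, os_family: str = "windows") -> list[Finding]:
    """Return one Finding per /loginok.html request whose UID cookie exceeds the OS path limit."""
    limit = PATH_LIMITS[os_family]
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed format; skip rather than guess
        # Only the login-ok endpoint is described as mishandling the cookie.
        if m.group("path").split("?", 1)[0].lower() != "/loginok.html":
            continue
        length = uid_cookie_length(m.group("cookies"))
        if length > limit:
            findings.append(Finding(m.group("ip"), m.group("ts"), length, int(m.group("status"))))
    return findings


def is_vulnerable_version(version: str) -> bool:
    """True for Wing FTP Server versions prior to 7.4.4 (numeric tuple comparison)."""
    parts = tuple(int(p) for p in version.strip().split("."))
    return parts < (7, 4, 4)


if __name__ == "__main__":
    for f in find_oversized_uid(SAMPLE_LOG, "windows"):
        print(f"{f.ts} {f.ip} UID length {f.uid_len} (HTTP {f.status})")
    print("7.4.3 vulnerable:", is_vulnerable_version("7.4.3"))
```

On a Linux host the 600-byte cookie in the sample is below PATH_MAX, so the same log yields no finding with `os_family="linux"`; pick the family that matches the server, and treat any hit (especially one paired with an HTTP 5xx) as a reconnaissance attempt worth correlating with later activity against the host.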
Read at The Hacker News