
"If a value is supplied in this way that is longer than the maximum path size of the underlying operating system, an error message is triggered which discloses the full local server path. According to the security researcher, attackers could leverage the application's local server path to exploit other vulnerabilities in Wing FTP."
"Tracked as CVE-2025-47813, the medium-severity flaw could lead to the disclosure of the full local installation path of the application when a long value is used in the UID cookie of a logged-in session. The bug was disclosed on May 14, 2025, when Wing FTP Server version 7.4.4 was rolled out with patches for it."
"CVE-2025-47812, also patched in Wing FTP Server version 7.4.4, was flagged as exploited in June 2025, when Censys said that roughly 5,000 internet-accessible servers were likely susceptible to exploitation via POST requests. CVE-2025-47812 was added to CISA's KEV list in July 2025."
CISA added CVE-2025-47813, a medium-severity Wing FTP vulnerability, to its Known Exploited Vulnerabilities catalog after detecting active exploitation. The flaw affects the loginok.html endpoint and fails to properly validate the UID cookie, allowing attackers to obtain the full local installation path by supplying an overlong value. When a value exceeds the maximum path size of the underlying operating system, an error message discloses the complete server path. Attackers can leverage this information to exploit other vulnerabilities in Wing FTP, particularly CVE-2025-47812, a critical-severity flaw enabling remote code execution. Wing FTP Server version 7.4.4 patched both vulnerabilities. CISA mandated that federal agencies patch the flaw by March 30.
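The mechanism above (an overlong UID cookie on loginok.html provoking an error that leaks the install path) is easy to watch for on the defender side, because legitimate session identifiers are short and a probe has to be hundreds of characters long. The following detection routine is an added example, not code from SecurityWeek, CISA or Wing FTP; the log line format, the field names, the `UID_ALERT_LENGTH` threshold and the sample entries are all constructed assumptions rather than Wing FTP's real log format.

```python
"""Flag loginok.html requests carrying an implausibly long UID cookie.

Added illustration of a detection check for the CVE-2025-47813 pattern.
The access-log layout parsed here is an assumed, constructed format:
    <client-ip> "<METHOD> <path> HTTP/x.y" <status> cookie="<Cookie header>"
Real Wing FTP logs may differ; adapt LOG_RE to the format you actually have.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Reference points: Windows MAX_PATH is 260 and Linux PATH_MAX is 4096.
# A much lower alert threshold still catches probing, because normal session
# identifiers are tens of characters long. The value 128 is an assumption.
UID_ALERT_LENGTH = 128

# Assumed log layout (see module docstring); named groups keep scan() readable.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) cookie="(?P<cookie>[^"]*)"$'
)


@dataclass
class Finding:
    ip: str
    path: str
    uid_length: int
    status: str
    server_error: bool  # 5xx alongside an overlong UID suggests the error path fired


def parse_cookie(header: str) -> Dict[str, str]:
    """Split a Cookie header ('a=1; b=2') into a dict; values keep their raw text."""
    cookies: Dict[str, str] = {}
    for part in header.split(";"):
        if "=" in part:
            name, value = part.strip().split("=", 1)
            cookies[name] = value
    return cookies


def scan(lines: Iterable[str], threshold: int = UID_ALERT_LENGTH) -> List[Finding]:
    """Return one Finding per loginok.html request whose UID cookie exceeds threshold."""
    findings: List[Finding] = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # unparseable line: skip rather than guess
        if not match["path"].endswith("loginok.html"):
            continue  # only the endpoint named in the advisory is of interest here
        uid = parse_cookie(match["cookie"]).get("UID", "")
        if len(uid) > threshold:
            findings.append(
                Finding(
                    ip=match["ip"],
                    path=match["path"],
                    uid_length=len(uid),
                    status=match["status"],
                    server_error=match["status"].startswith("5"),
                )
            )
    return findings


# Constructed sample log: one benign session, one overlong UID probe against
# loginok.html, and one overlong UID on an unrelated path (not flagged).
SAMPLE_LOG = [
    '203.0.113.5 "GET /loginok.html HTTP/1.1" 200 cookie="UID=abc123def456; lang=en"',
    '203.0.113.7 "GET /loginok.html HTTP/1.1" 500 cookie="UID=' + "A" * 300 + '"',
    '203.0.113.9 "GET /index.html HTTP/1.1" 200 cookie="UID=' + "B" * 300 + '"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Running the block prints a single finding for the second sample line (UID length 300, HTTP 500, `server_error=True`); the benign session and the overlong cookie on `/index.html` are ignored. Pair a hit like this with the patch status of the host: on a server already at version 7.4.4 it is reconnaissance noise, on an older one it is a sign that the path leak, and likely CVE-2025-47812 next, is being attempted.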
Read at SecurityWeek