← Volver a CVEs

CVE-2025-47812

CRITICALCISA KEV

10.0

Descripcion

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.

Detalles CVE

Puntuacion CVSS v3.110.0

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado7/10/2025

Ultima modificacion11/5/2025

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorWing FTP Server

ProductoWing FTP Server

Nombre vulnerabilidadWing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

Fecha inclusion KEV2025-07-14

Fecha limite remediacion2025-08-04

Uso en ransomwareUnknown

Productos afectados

wftpserver:wing_ftp_server

Debilidades (CWE)

CWE-158

Referencias

https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-detection-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-mitigation-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.wftpserver.com(cve@mitre.org)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-47812(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.