← Retour aux CVEs

CVE-2025-47812

CRITICALCISA KEV

10.0

Description

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.

Details CVE

Score CVSS v3.110.0

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie7/10/2025

Derniere modification11/5/2025

Sourcekev

Observations honeypot0

CISA KEV

FournisseurWing FTP Server

ProduitWing FTP Server

Nom vulnerabiliteWing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

Date ajout KEV2025-07-14

Date limite remediation2025-08-04

Utilise dans ransomwareUnknown

Produits affectes

wftpserver:wing_ftp_server

Faiblesses (CWE)

CWE-158

References

https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-detection-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-mitigation-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.wftpserver.com(cve@mitre.org)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-47812(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.