← Voltar para CVEs

CVE-2025-47812

CRITICALCISA KEV

10.0

Descricao

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.

Detalhes CVE

Pontuacao CVSS v3.110.0

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado7/10/2025

Ultima modificacao11/5/2025

Fontekev

Avistamentos honeypot0

CISA KEV

FornecedorWing FTP Server

ProdutoWing FTP Server

Nome da vulnerabilidadeWing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

Data inclusao KEV2025-07-14

Prazo de remediacao2025-08-04

Uso em ransomwareUnknown

Produtos afetados

wftpserver:wing_ftp_server

Fraquezas (CWE)

CWE-158

Referencias

https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-detection-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.vicarius.io/vsociety/posts/cve-2025-47812-mitigation-script-remote-code-execution-vulnerability-in-wing-ftp-server(cve@mitre.org)

https://www.wftpserver.com(cve@mitre.org)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-47812(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.