CVE-2025-47812 Scanner
CVE-2025-47812 Scanner - Remote Code Execution (RCE) vulnerability in Wing FTP Server
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
3 weeks 7 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
Wing FTP Server is widely used by organizations as a robust file transfer solution. It allows users to securely share and manage files using a variety of transfer protocols. Organizations ranging from small businesses to large enterprises utilize Wing FTP Server to enhance file sharing capabilities. This software provides rich functionality, including web-based administration and multi-protocol support for FTP, HTTP, and more. Additionally, it supports secure file transfer and remote management to optimize organizational workflows. The software is primarily used in environments where efficient, secure data transfer is critical.
The detected vulnerability is a Remote Code Execution (RCE) flaw in Wing FTP Server versions prior to 7.4.4. It arises from improper handling of NULL bytes in the 'username' parameter during login. This flaw allows Lua code injection into session files, which are then executed when accessing authenticated endpoints like /dir.html. The execution of these session files results in arbitrary command execution with elevated privileges. This vulnerability is notably exploitable only when anonymous login is active on the server, making it a severe security risk.
Technical details of the vulnerability can be attributed to an endpoint exposed by the server which fails to properly sanitize input data. The vulnerable endpoint, specifically /loginok.html, can be exploited by injecting malicious Lua code through the 'username' parameter during login. Due to insufficient validation, the server processes these injections, creating an exploitable condition. Consequently, unauthorized and arbitrary commands can be executed by accessing endpoints such as /dir.html. This can lead to significant unauthorized access and control over the server environment.
Exploiting this vulnerability may have severe implications, including unauthorized command execution and potential control of server resources. Such exploitation can potentially lead to data compromise, unauthorized data access, and possible manipulation or corruption of sensitive information. The elevated privileges achieved through exploitation could also allow attackers to further exploit other vulnerabilities or steal confidential information. Ultimately, these security breaches can result in significant damages, especially if critical infrastructure or sensitive data are involved.
REFERENCES
