CVE-2025-47813 Scanner

Wing FTP Server is a popular file-sharing software used by various organizations for secure FTP access over the internet. It is developed and maintained by its vendor for handling multiple user requests, data transfer, and storage in a structured manner. The software is introduced to enterprises to ensure seamless file sharing among teams, departments, or with clients, making it integral to enterprise operations. Its features offer support for FTP, HTTP, FTPS, HTTPS, and SFTP protocols, catering broadly to different organizational needs. Wing FTP Server provides a web-based interface for ease of use and administration, enabling IT teams to manage user accounts, monitor server performance, and access logs effectively. It also supports scripting and API to extend its capabilities according to business requirements.

The Information Disclosure vulnerability CVE-2025-47813 in Wing FTP Server arises from improper validation processes employed while handling session cookies. This flaw allows attackers to procure sensitive information such as absolute file paths within the server's file system. By manipulating the 'UID' session cookie in HTTP requests, attackers can trigger responses revealing underlying file directories. Such unintended disclosures enable threat actors to understand server layouts and potentially exploit other known vulnerabilities, posing severe risks for information security. The exploitable nature of this vulnerability categorizes it as moderately severe, stressing the need for immediate remediation by users of impacted versions.

This vulnerability is technically significant as it involves overlong UID session cookies, which upon processing, return errors revealing server paths in HTTP responses. The unauthorized information leakage pertains specifically to the server paths displayed within error messages after abnormal cookie authentication attempts. Attacks primarily involve crafting HTTP POST requests aimed at the '/loginok.html' endpoint with inflated ‘UID’ cookies. The FTP server inadvertently discloses sensitive server paths when inadequate validation checks fail to protect these paths. This security oversight warrants close attention, especially in production environments housing sensitive data.

When exploited, attackers can enumerate internal directories on the server, gaining insights into its architecture. Such disclosures might pave the way for cascading attacks, facilitating further intrusion efforts by effectively guiding malicious actors through the server landscape. Cybercriminals might use this information to launch additional attacks like privilege escalation, command injection, or exploit other disclosed vulnerabilities, thereby amplifying the compromise of data integrity and confidentiality. Hence, addressing this issue promptly is critical to safeguard against multifaceted security threats.

REFERENCES

• https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/
• https://www.wftpserver.com