CVE-2025-47812

Wing FTP Server

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-47812 is a remote code execution vulnerability in Wing FTP Server. It arises because the application does not properly handle NULL bytes in usernames. By appending a NULL byte to the username, an attacker can bypass authentication and inject Lua code into session files. Specifically, when a user authenticates with a NULL-byte-injected username, the server creates a new session ID and stores the NULL byte in the session variable. This allows an attacker to inject arbitrary Lua code. Because wftpserver runs with elevated privileges by default, the injected code executes with root privileges on Linux systems and SYSTEM rights on Windows systems.


Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

26

  1. A critical vulnerability (CVE-2025-47812) in Wing FTP Server allows attackers to take full control of servers through unauthenticated remote code execution. With a maximum CVSS score of 10, this flaw affects many organizations globally, particularly those with public-facing FT...

    @CybrPulse

    3 Jul 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. A newly discovered critical vulnerability, CVE-2025-47812, in Wing FTP Server allows unauthenticated attackers to take complete control of affected servers. With a CVSSv4 score of 10.0, it's crucial for organizations to update to version 7.4.4 immediately to mitigate severe ri...

    @CybrPulse

    3 Jul 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. CVE-2025-47812 – Wing FTP Server RCE via Lua Injection https://t.co/8Oj9mBBDw7 https://t.co/JeVI9clRKy

    @cyber_advising

    3 Jul 2025

    124 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. csirt_it: ‼️ #WingFTPServer: a #PoC is available for exploiting CVE-2025-47812, present in the well-known FTP server management software Risk: 🔴 Type: 🔸 Remote Code Execution 🔗 https://t.co/SdVkDWH17y 🔄 Updates availabl… https://t.

    @Vulcanux_

    2 Jul 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-47812: RCE in Wing FTP Server, 10.0 rating 🔥🔥🔥 NULL byte injection vulnerability allows attacker to take full control of Wing server. PoC is now available! Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/SYJcizrGMQ #cybersecurity #vulnerability_map

    @Netlas_io

    2 Jul 2025

    948 Impressions

    6 Retweets

    11 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  6. GitHub - 0xcan1337/CVE-2025-47812-poC: Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only. - https://t.co/sGXgu6rxkl

    @piedpiper1616

    2 Jul 2025

    2837 Impressions

    15 Retweets

    47 Likes

    20 Bookmarks

    1 Reply

    0 Quotes

  7. 🚨CVE-2025-47812: Wing FTP Server Remote Code Execution (RCE) Exploit Link: https://t.co/ESMP6h8nug Writeup: https://t.co/YGVZXNQjo2 https://t.co/mBD8aZyfbw

    @DarkWebInformer

    1 Jul 2025

    7146 Impressions

    6 Retweets

    30 Likes

    19 Bookmarks

    1 Reply

    0 Quotes

  8. 🚨 CVE-2025-47812 - critical 🚨 Wing FTP Server <= 7.4.3 - Remote Code Execution > Wing FTP Server versions prior to 7.4.4 are vulnerable to an unauthenticated remote c... 👾 https://t.co/W95iwDuXw2 @pdnuclei #NucleiTemplates #cve

    @pdnuclei_bot

    1 Jul 2025

    1140 Impressions

    5 Retweets

    20 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  9. What the NULL?! Wing FTP Server RCE (CVE-2025-47812) | RCE Security https://t.co/6b1m8NeCe0

    @akaclandestine

    1 Jul 2025

    1136 Impressions

    0 Retweets

    9 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  10. ⚡️The vulnerability details are now available: https://t.co/av5c0yf2Lk 🚨🚨CVE-2025-47812: Wing FTP Server RCE! Hackers can exploit a nasty null byte injection flaw to run ANY code as root/SYSTEM—no login needed! ZoomEye Dork👉app="Wing FTP Server" Over 78K+ vulner

    @zoomeye_team

    1 Jul 2025

    20662 Impressions

    41 Retweets

    157 Likes

    94 Bookmarks

    2 Replies

    3 Quotes

  11. What the NULL?! Wing FTP Server RCE (CVE-2025-47812) https://t.co/uMrGlTp6NX https://t.co/YbPTqh6MXh

    @secharvesterx

    1 Jul 2025

    182 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  12. What the NULL?! Wing FTP Server RCE (CVE-2025-47812) https://t.co/IqvJhoszYI

    @_r_netsec

    30 Jun 2025

    886 Impressions

    0 Retweets

    5 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.