Lucene search
K

16 matches found

Nuclei
Nuclei
added 2026/06/23 5:8 a.m.321 views

Wing FTP Server <= 7.4.3 - Remote Code Execution

Wing FTP Server versions prior to 7.4.4 are vulnerable to an unauthenticated remote code execution RCE flaw CVE-2025-47812. The vulnerability arises from improper NULL byte handling in the 'username' parameter during login, which allows Lua code injection into session files. These injected sessio...

10CVSS7.7AI score0.95343EPSS
Exploits23References2
GithubExploit
GithubExploit
added 2026/02/24 5:7 a.m.163 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

🚀 Wing FTP Exploit - CVE-2025-47812 Exploit mejorado para Win...

10CVSS9.1AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2026/02/18 8:41 a.m.142 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 — Wing FTP Server Remote Code Execution RCE...

10CVSS8.8AI score0.95343EPSS
Exploits23
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-21021

Malicious code in bioql PyPI...

10CVSS9.2AI score0.95343EPSS
Exploits24References2
GithubExploit
GithubExploit
added 2025/07/27 5:47 p.m.206 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 – Wing FTP Server RCE Exploit Exploit Title:...

10CVSS9.7AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2025/07/17 7:2 a.m.303 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

=========================================================== CVE...

10CVSS9.9AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2025/07/16 6:33 a.m.98 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 How does this detection method work? This...

10CVSS6.7AI score0.95343EPSS
Exploits23
The Hacker News
The Hacker News
added 2025/07/11 10:58 a.m.19 views

Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 CVSS score: 10.0, is a case of improper handling of null '\0' bytes in the server's web interface,...

10CVSS10AI score0.95343EPSS
Exploits23
NVD
NVD
added 2025/07/10 5:15 p.m.9 views

CVE-2025-47812

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

10CVSS0.95343EPSS
Exploits23References6
GithubExploit
GithubExploit
added 2025/07/07 1:20 p.m.110 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 Improper input validation led to Remote Code Ex...

10CVSS9.2AI score0.95343EPSS
Exploits92
Packet Storm
Packet Storm
added 2025/07/07 12:0 a.m.117 views

📄 Wing FTP Server NULL-byte Authentication Bypass

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...

10CVSS8.4AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2025/07/04 4:22 p.m.341 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 - Wing FTP Server RCE Exploit This repository...

10CVSS10AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2025/07/02 9:51 p.m.382 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 – Wing FTP Server RCE via Lua Injection Auth...

10CVSS10AI score0.95343EPSS
Exploits23
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.345 views

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution RCE CVE: CVE-2025-47812 Date: 2025-06-30 Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r https://github.com/4m3rr0r Vendor Homepage: https://www.wftpserver.com/ Version: Wing FTP Server = 7.4.3 Tested on: Linux Root...

10CVSS6.8AI score0.95343EPSS
Exploits23
GithubExploit
GithubExploit
added 2025/07/01 6:20 p.m.443 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812-poC Simple exploit for Wing FTP Server RCE CVE...

10CVSS10AI score0.95343EPSS
Exploits23
Circl
Circl
added 2018/05/29 3:50 p.m.145 views

CVE-2025-47812

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/wingftpadminexec.rb 2025-06-30 19:43:49+00:00| seen| https://bsky.app/profile/mrtuxracer.bsky.social/post/3lstwzmbum225 2025-06-30...

10CVSS7.1AI score0.95343EPSS
In wildExploits23References133
Rows per page
Query Builder