Wing FTP Server 代码问题漏洞

Wing FTP Server is an open-source, cross-platform FTP server software developed by Wing FTP Server. Version 6.0.7 of Wing FTP Server has a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain system privileges...

CVE-2019-25267 Wing FTP Server 6.0.7 - Unquoted Service Path

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

Wing FTP Server 安全漏洞

Wing FTP Server is a set of cross-platform FTP server software open-sourced by Wing FTP Server. A security vulnerability exists in Wing FTP Server versions prior to 7.4.4, which originates from loginok.html disclosing the local installation path...

CVE-2025-47812

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

📄 Wing FTP Server NULL-byte Authentication Bypass

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...

Wing FTP Server Security Vulnerability

Wing FTP Server is a cross-platform FTP server software. A security vulnerability exists in Wing FTP Server 7.2.0 and earlier versions, which stems from a weak access control mechanism in the Admin Web Client that allows an attacker to perform elevation of privilege...

Wing FTP Server Local Elevation of Privilege Vulnerability

Wing FTP Server is an easy-to-use, secure and reliable FTP server software for Windows, Linux, Mac OS and Solaris. A local elevation of privilege vulnerability exists in Wing FTP Server 6.2.3. The vulnerability stems from Wing FTP Server setting insecure permissions on the installation directory...

Wing FTP Server Admin /admin_event_list.html type Cross Site Scripting Vulnerability

WingFTPServer is a professional cross-platform FTP server , it has good speed , reliability and a friendly configuration interface . Wing FTP Server Admin /admineventlist.html type parameter handling has a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerabilit...