
149 matches found

EUVD · added 2025/07/10 12:00 a.m. · 9 views

EUVD-2025-21009

In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

CVSS 10 · AI score 9 · EPSS 0.92927 · Exploits 23 · References 2
VulnCheck KEV · added 2025/07/10 12:00 a.m. · 6 views

VulnCheck KEV: CVE-2025-47812

In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

CVSS 10 · AI score 8 · EPSS 0.92927 · In wild · Exploits 23 · References 353
CVE · added 2025/07/10 12:00 a.m. · 304 views

CVE-2025-47812

CVE-2025-47812 is a remote code execution vulnerability in Wing FTP Server, affecting versions before 7.4.4. The root cause is improper handling of null bytes ('\0') in user/admin web interfaces, allowing injection of arbitrary Lua code into user session files. The injected code can execute comma...

CVSS 10 · AI score 8.7 · EPSS 0.92927 · In wild · Exploits 23 · References 6 · Affected Software 1
Vulnrichment · added 2025/07/10 12:00 a.m. · 8 views

CVE-2025-47812

In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

CVSS 10 · AI score 9.9 · EPSS 0.92927 · Exploits 23 · References 4
Metasploit · added 2025/07/07 6:51 p.m. · 669 views

Wing FTP Server NULL-byte Authentication Bypass (CVE-2025-47812)

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...

CVSS 10 · AI score 7.7 · EPSS 0.92927 · Exploits 23
Packet Storm · added 2025/07/07 12:00 a.m. · 107 views

Wing FTP Server NULL-byte Authentication Bypass

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...

CVSS 10 · AI score 8.4 · EPSS 0.92927 · Exploits 23
Exploit DB · added 2025/07/02 12:00 a.m. · 324 views

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution RCE CVE: CVE-2025-47812 Date: 2025-06-30 Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r https://github.com/4m3rr0r Vendor Homepage: https://www.wftpserver.com/ Version: Wing FTP Server = 7.4.3 Tested on: Linux Root...

CVSS 10 · AI score 6.8 · EPSS 0.92927 · Exploits 23
RedhatCVE · added 2025/06/25 9:54 a.m. · 3 views

CVE-2025-52938

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read th...

CVSS 5.1 · AI score 7.3 · EPSS 0.00112 · Exploits 0 · References 1
OSV · added 2025/06/23 10:15 a.m. · 2 views

CVE-2025-52938

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read th...

CVSS 5.1 · AI score 7.2 · Exploits 0 · References 2
Cvelist · added 2025/06/23 9:26 a.m. · 6 views

CVE-2025-52938 Potential heap-based buffer over-read vulnerability in NotepadNext

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read th...

CVSS 5.1 · EPSS 0.00112 · Exploits 0 · References 2
Vulnrichment · added 2025/06/23 9:26 a.m. · 2 views

CVE-2025-52938 Potential heap-based buffer over-read vulnerability in NotepadNext

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read th...

CVSS 5.1 · AI score 6.7 · EPSS 0.00112 · Exploits 0 · References 2
CVE · added 2025/06/23 9:26 a.m. · 15 views

CVE-2025-52938

CVE-2025-52938 affects NotepadNext up to v0.11. The vulnerability is an out-of-bounds read in the Lua parser module, specifically the function singlevar() in lparser.c, where a required luaK_exp2anyregup call is missing. This can cause a heap-based buffer over-read when untrusted Lua code is comp...

CVSS 5.1 · AI score 6.7 · EPSS 0.00112 · Exploits 0 · References 2
GithubExploit · added 2025/05/23 10:09 p.m. · 293 views

Exploit for Authentication Bypass by Spoofing in Apache Apisix

Apache APISIX 2.12.x Remote Code Execution RCE Exploit This...

CVSS 9.8 · AI score 10 · EPSS 0.94439 · Exploits 16
OSV · added 2025/01/06 10:15 p.m. · 3 views

AZL-55286 CVE-2024-46981 affecting package valkey for versions less than 8.0.2-1

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...

CVSS 9.8 · AI score 7.2 · EPSS 0.80733 · Exploits 2 · References 1
Amazon · added 2024/10/02 12:00 a.m. · 2 views

Important: redis

Issue Overview: Denial-of-service due to unbounded pattern matching CVE-2024-31228 Lua library commands may be exploited by an authenticated user to achieve remote-code-execution CVE-2024-31449 Affected Packages: redis Note: This advisory is applicable to Amazon Linux 2 - Redis6 Extra. Visit this...

CVSS 8.8 · AI score 7.1 · EPSS 0.56313 · Exploits 1
Amazon · added 2024/10/02 12:00 a.m. · 2 views

Important: redis6

Issue Overview: Denial-of-service due to unbounded pattern matching CVE-2024-31228 Lua library commands may be exploited by an authenticated user to achieve remote-code-execution CVE-2024-31449 Affected Packages: redis6 Issue Correction: Run dnf update redis6 --releasever 2023.5.20241001 or dnf...

CVSS 8.8 · AI score 6.9 · EPSS 0.56313 · Exploits 1
ATTACKERKB · added 2023/12/30 6:15 a.m. · 1 view

CVE-2023-52252

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...

CVSS 9.8 · AI score 6.2 · EPSS 0.01294 · Exploits 1 · References 3
OSV · added 2023/12/30 6:15 a.m. · 2 views

CVE-2023-52252

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...

CVSS 9.8 · AI score 6.2 · EPSS 0.01294 · Exploits 1 · References 2
NVD · added 2023/12/30 6:15 a.m. · 10 views

CVE-2023-52252

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...

CVSS 9.8 · EPSS 0.01294 · Exploits 1 · References 2
Prion · added 2023/12/30 6:15 a.m. · 11 views

Design/Logic Flaw

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint...

CVSS 7.5 · AI score 8.3 · EPSS 0.01294 · Exploits 1 · References 2 · Affected Software 1