CVE-2019-25267 Wing FTP Server 6.0.7 - Unquoted Service Path

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

📄 Wing FTP Server 8.0.7 Remote Code Execution

A NULL-byte truncation vulnerability in Wing FTP Server allows bypassing an authentication prefix check, allowing the payload to reach Lua execution contexts. Version 8.0.7 is affected...