The vulnerability in the FTP server’s web interface of Wing allows a hacker to elevate their privileges and execute arbitrary code.
The vulnerability of the FTP server’s web interface in Wing involves the insertion of a zero byte %00 into the user’s username string during the processing of the loginok.html endpoint. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code...