CVEFinder.io

CVE-2025-47811

🔶 medium
Description

In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root (on Unix-like systems) or SYSTEM (on Windows) by default. The web application itself offers several legitimate ways to execute arbitrary system commands (e.g., through the web console or the task scheduler), and those commands are automatically executed in the highest possible privilege context. Because administrative users of the web interface are not necessarily also system administrators, one might argue that this is a privilege escalation. (If a privileged application role is not available to an attacker, CVE-2025-47812 can be leveraged to obtain one.) NOTE: the vendor reportedly considers this behavior "fine to keep."
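The privilege context the description warns about is easy to verify on a Linux host before deciding whether the vendor's position is acceptable in your environment. The following audit script is an added example, not code from the CVE entry or from the Wing FTP Server vendor: it parses `ss -ltnp` output, finds whatever process is bound to the default admin port 5466 (the one number taken from the description), and reads the effective UID of that process from /proc/<pid>/status. The Linux-only scope, the use of iproute2's `ss`, and the process names in the constructed sample output are assumptions.

```python
"""Audit which account owns the process listening on Wing FTP Server's default admin port.

Added example (not from the CVE entry or the vendor). Assumes a Linux host with
iproute2's `ss` available and /proc mounted; the port number 5466 comes from the
CVE description, every process name below is constructed for illustration.
"""
from __future__ import annotations

import re
import subprocess
from pathlib import Path
from typing import Callable, Optional

ADMIN_PORT = 5466  # default admin web interface port per the CVE description
WILDCARD_ADDRS = {"0.0.0.0", "[::]", "*"}  # bound on every interface

# One line of `ss -H -ltnp` output, e.g.
#   LISTEN 0 128 0.0.0.0:5466 0.0.0.0:* users:(("name",pid=4242,fd=7))
# The `users:` field is only present when ss runs with enough privilege.
SS_LISTEN = re.compile(
    r"^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+"
    r"(?:\s+(?P<users>users:.*))?$"
)


def parse_ss_listeners(ss_output: str) -> list[dict]:
    """Return [{addr, port, pids}] for every LISTEN line in ss output."""
    listeners = []
    for line in ss_output.splitlines():
        m = SS_LISTEN.match(line.strip())
        if not m:
            continue  # header line or a socket that is not a TCP listener
        pids = [int(p) for p in re.findall(r"pid=(\d+)", m.group("users") or "")]
        listeners.append({"addr": m.group("addr"), "port": int(m.group("port")), "pids": pids})
    return listeners


def effective_uid_from_status(status_text: str) -> Optional[int]:
    """Pull the *effective* UID out of /proc/<pid>/status.

    The Uid line reads: Uid: <real> <effective> <saved> <filesystem>. A setuid
    binary started by an unprivileged user still runs with effective UID 0,
    which is the value that decides what a web-console command can do.
    """
    for line in status_text.splitlines():
        if line.startswith("Uid:"):
            return int(line.split()[2])
    return None


def uid_of_pid(pid: int) -> Optional[int]:
    """Effective UID of a live process, or None if it vanished or is unreadable."""
    try:
        return effective_uid_from_status(Path(f"/proc/{pid}/status").read_text())
    except (OSError, ValueError, IndexError):
        return None


def audit(
    ss_output: str,
    port: int = ADMIN_PORT,
    uid_lookup: Callable[[int], Optional[int]] = uid_of_pid,
) -> list[dict]:
    """Report every process bound to `port`: its effective UID and network exposure."""
    findings = []
    for entry in parse_ss_listeners(ss_output):
        if entry["port"] != port:
            continue
        for pid in entry["pids"]:
            uid = uid_lookup(pid)
            findings.append({
                "addr": entry["addr"],
                "pid": pid,
                "uid": uid,
                "runs_as_root": uid == 0,
                "exposed_externally": entry["addr"] in WILDCARD_ADDRS,
            })
    return findings


# Constructed sample output for offline use; "ftpadmin" is an invented process name.
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:5466      0.0.0.0:*    users:(("ftpadmin",pid=4242,fd=7))
LISTEN 0      128             [::]:5466         [::]:*    users:(("ftpadmin",pid=4242,fd=8))
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*    users:(("cupsd",pid=900,fd=6))
"""
SAMPLE_UIDS = {4242: 0, 900: 7}  # constructed: the admin UI runs as root, cupsd as lp


def live_audit(port: int = ADMIN_PORT) -> list[dict]:
    """Run ss on this host and audit the real listener (needs root to see PIDs)."""
    out = subprocess.run(["ss", "-H", "-ltnp"], check=True, capture_output=True, text=True).stdout
    return audit(out, port)


if __name__ == "__main__":
    for f in audit(SAMPLE_SS_OUTPUT, uid_lookup=SAMPLE_UIDS.get):
        verdict = "ROOT" if f["runs_as_root"] else f"uid {f['uid']}"
        scope = "all interfaces" if f["exposed_externally"] else f["addr"]
        print(f"pid {f['pid']} on {scope}:{ADMIN_PORT} runs as {verdict}")
```

Run `live_audit()` as root to check a real host; the sample path shows the flagged case (a root-owned listener on every interface). On Windows the same question is answered by the service's logon account (the StartName of the Win32_Service instance), where SYSTEM is the counterpart of UID 0. A clean result only narrows the blast radius: whatever account the service uses is the account every web-console or task-scheduler command runs as, so the admin role should be held by people you would trust with a shell as that account, and port 5466 should not be reachable from outside the management network.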

CVSS Score: 4.1 (Medium)
EPSS Score: 0.1 (exploit probability)
Published: 2025-07-10
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is lower risk: more severe than 5.3% of all 326,604 vulnerabilities in the database (severity percentile rank #309,411, below average severity).
🎯 CISA SSVC Assessment (updated Jul 15, 2025)

Exploitation Status: PoC (proof-of-concept available)
Automatable: No (requires human interaction)
Technical Impact: Partial (limited system impact)
SSVC data provided by CISA
Last Modified: 2025-07-17
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N (network-reachable, low attack complexity, high privileges required, no user interaction, scope changed, low integrity impact only)
🔗 Related CVEs (6)

CVE-2026-44403 | ⚠️ high | CVSS 7.2 | EPSS 0.1 | Published 2026-05-12
  Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization ...

CVE-2020-37079 | 🔶 medium | CVSS 4.3 | EPSS 0.0 | Published 2026-02-07
  Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administrat...

CVE-2019-25267 | ⚠️ high | CVSS 7.8 | EPSS 0.0 | Published 2026-02-05
  Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute...

CVE-2020-37032 | ⚠️ high | CVSS 8.8 | EPSS 0.4 | Published 2026-01-30
  Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authentica...

CVE-2025-27889 | ℹ️ low | CVSS 3.4 | EPSS 0.0 | Published 2025-07-10
  Wing FTP Server before 7.4.4 does not properly validate and sanitize the url parameter of the downloadpass.html endpoint...

CVE-2025-47812 | ⛔ critical | CVSS 10.0 | EPSS 92.5 | Published 2025-07-10
  In Wing FTP Server before 7.4.4, the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o...

These CVEs affect the same products.