Description

In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root or SYSTEM by default. The web application itself offers several legitimate ways to execute arbitrary system commands (i.e., through the web console or the task scheduler), and they are automatically executed in the highest possible privilege context. Because administrative users of the web interface are not necessarily also system administrators, one might argue that this is a privilege escalation. (If a privileged application role is not available to an attacker, CVE-2025-47812 can be leveraged.) NOTE: the vendor reportedly considers this behavior "fine to keep."

INFO

Published Date :

2025-07-10T00:00:00.000Z

Last Modified :

2025-07-15T13:44:06.934Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-47811 vulnerability.

Vendors Products
Wftpserver
  • Wing Ftp Server
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-47811.

URL Resource
https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/ cve-icon cve-icon cve-icon
https://www.wftpserver.com cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact