The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity vulnerability affecting Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Details of the Vulnerability
The vulnerability, identified as CVE-2025-47813, has a CVSS score of 4.3 and is classified as an information disclosure issue. It leaks the installation path of the application under specific conditions. CISA noted that the Wing FTP Server generates error messages containing sensitive information when a long value is used in the UID cookie.
Affected Versions and Mitigation
This flaw impacts all versions of Wing FTP Server prior to and including version 7.4.3. The issue was resolved in version 7.4.4, which was released in May following a responsible disclosure by researcher Julien Ahrens. This update also addresses another critical vulnerability, CVE-2025-47812, which has a CVSS score of 10.0 and allows for remote code execution.
Active Exploitation Observed
As of July 2025, CVE-2025-47813 has been actively exploited in the wild. Reports from Huntress indicate that attackers have utilized this vulnerability to download and execute malicious Lua files, perform reconnaissance, and install remote monitoring and management software. Ahrens provided a proof-of-concept exploit on GitHub, demonstrating that the endpoint at “/loginok.html” fails to properly validate the UID session cookie’s value. This oversight can lead to the disclosure of the full local server path if the supplied value exceeds the maximum path size of the underlying operating system.
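As an added example (not code from the article, from Huntress, or from the researcher), the following Python snippet shows two defender-side checks that follow from the description above: flagging access-log requests to the /loginok.html endpoint that carry an abnormally long UID cookie, and gating a deployed version against the fixed release 7.4.4. The log layout, the 256-character threshold and the sample log lines are constructed assumptions for illustration.

```python
import re
from typing import Dict, List

# Assumed access-log layout: common log format with the Cookie header appended in quotes.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<cookies>[^"]*)"$'
)

# Assumed threshold: a genuine UID session cookie is short, while the leak described
# in the article needs a value longer than the OS path limit (260 on Windows,
# 4096 on Linux). 256 sits far above normal cookie sizes and below both limits.
UID_LENGTH_THRESHOLD = 256
FIXED_VERSION = (7, 4, 4)  # stated on the page: fixed in Wing FTP Server 7.4.4

# Constructed sample lines (not real traffic); the second carries a 600-byte UID value.
SAMPLE_LOG = """\
203.0.113.10 - - [09/Jul/2025:10:00:01 +0000] "GET /loginok.html HTTP/1.1" 200 512 "UID=abc123"
203.0.113.10 - - [09/Jul/2025:10:00:02 +0000] "GET /loginok.html HTTP/1.1" 500 1024 "UID={long}"
198.51.100.7 - - [09/Jul/2025:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 2048 "UID={long}"
""".format(long="A" * 600)


def parse_uid(cookie_header: str) -> str:
    """Return the UID cookie value from a 'name=value; name=value' header, or ''."""
    for part in cookie_header.split(";"):
        name, _, value = part.strip().partition("=")
        if name == "UID":
            return value
    return ""


def find_suspicious(lines: List[str]) -> List[Dict[str, object]]:
    """Flag /loginok.html requests whose UID cookie exceeds the length threshold."""
    hits: List[Dict[str, object]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed layout
        uid = parse_uid(m["cookies"])
        if m["path"].startswith("/loginok.html") and len(uid) > UID_LENGTH_THRESHOLD:
            hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]), "uid_len": len(uid)})
    return hits


def is_affected(version: str) -> bool:
    """True for every release prior to 7.4.4, i.e. up to and including 7.4.3."""
    return tuple(int(p) for p in version.split(".")) < FIXED_VERSION


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG.splitlines()):
        print("suspicious /loginok.html request:", hit)
    print("7.4.3 affected:", is_affected("7.4.3"), "| 7.4.4 affected:", is_affected("7.4.4"))
```

A 500 response on a flagged request is the signal worth chasing, since the leak surfaces in the server's error message rather than in a successful login.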
Recommendations for Agencies
In light of these developments, CISA recommends that Federal Civilian Executive Branch (FCEB) agencies implement the necessary fixes by March 30, 2026. While the specifics of how the vulnerability is being exploited in practice remain unclear, there is potential for it to be abused in conjunction with CVE-2025-47812.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.