Wing FTP Server CVE-2025-47812 Critical RCE Vulnerability Detection and Risk Analysis

Key Information Vulnerability ID: CVE-2025-47812 Vulnerability Type: Remote Code Execution Affected Software: Wing FTP Server Severity: 10 (Critical Severity) Detection Script Functionality System Check: Detects whether the system is vulnerable to CVE-2025-47812. Execution Method: Run in PowerShell (recommended to run as Administrator). Description Vulnerability Details: CVE-2025-47812 is a critical remote code execution vulnerability in Wing FTP Server, with a CVSSv3 score of 10.0. It has been exploited and affects Wing FTP Server versions below 7.4.4. The vulnerability involves improper handling of null bytes in the server's web interface and Lua code injection, allowing remote, unauthenticated attackers to execute arbitrary code with root/SYSTEM privileges, leading to full system compromise. Detection Script Purpose: - Installation Location Discovery: Scans common installation directories, Windows registry entries, and running processes to identify Wing FTP Server instances on the system. - Version Analysis: Determines the detected Wing FTP Server version and compares it against the vulnerable range (below 7.4.4). - Network Service Assessment: Checks services running on common web interface ports (80, 443), which may be associated with Wing FTP Server’s web interface. - Mitigation Status Detection: Identifies existing firewall rules that may have been implemented as temporary protective measures to block inbound traffic. - Comprehensive Risk Report: Provides a detailed analysis of potential exposure, clearly indicating whether detected instances are vulnerable or patched. Conclusion Running this detection script helps assess the system’s potential exposure to CVE-2025-47812.

Goal Reached Thanks to every supporter — we hit 100%!

Wing FTP Server CVE-2025-47812 Critical RCE Vulnerability Detection and Risk Analysis