Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-47812 PoC — Wing FTP Server 7.4.3及 安全漏洞

Source
https://github.com/rxerium/CVE-2025-47812
Associated Vulnerability
Title:Wing FTP Server 7.4.3及 安全漏洞 (CVE-2025-47812)
Description:In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
Description
Detection for CVE-2025-47812
Readme
# CVE-2025-47812

 ## How does this detection method work?

This Nuclei template detects Wing FTP Server instances vulnerable to CVE-2025-47812 by identifying versions older than 7.4.4 exposed in the web client’s HTML response.

![Untitled](https://github.com/user-attachments/assets/806ff24a-d097-4aba-8e11-51e4ec99ddad)


 ## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

## References

  - https://nvd.nist.gov/vuln/detail/CVE-2025-47812
  - https://www.wftpserver.com/
  - https://securityaffairs.com/179861/hacking/wing-ftp-server-flaw-actively-exploited-shortly-after-technical-details-were-made-public.html

## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Contact

Feel free to reach out to me via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions or concerns.
File Snapshot

 [4.0K]  /data/pocs/183fd8f2c6bcd8fd8ee2276103a3b3fca3818396
├── [1.1K]  README.md
└── [1.3K]  template.yaml

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →