Browse all 6 CVE security advisories affecting Wing FTP Server. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wing FTP Server is a commercial file transfer solution primarily used for secure file sharing, FTP/SFTP/FTPS transfers, and server administration. Historically, it has been affected by multiple remote code execution vulnerabilities, often stemming from improper input validation in web interfaces and authentication bypass flaws. Privilege escalation issues have also been documented, allowing unauthorized users to gain elevated system access. The software has accumulated six CVE records to date, with vulnerabilities including directory traversal flaws and insecure default configurations. While no major public security incidents have been widely reported, the consistent discovery of critical vulnerabilities highlights the importance of regular patching and hardening for production deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-37079 | Wing FTP Server < 6.2.7 - Cross-site Request Forgery — Wing FTP ServerCWE-352 | 4.3 | Medium | 2026-02-06 |
| CVE-2020-37032 | Wing FTP Server 6.3.8 - Remote Code Execution — Wing FTP ServerCWE-78 | 8.8 | High | 2026-01-30 |
| CVE-2023-37875 | Cross-Site Scripting Vulnerability in Wing FTP Server <= 7.2.0 — Wing FTP ServerCWE-116 | 3.0 | Low | 2023-09-12 |
| CVE-2023-37878 | Insecure Default Permissions in Wing FTP Server <= 7.2.0 — Wing FTP ServerCWE-276 | 6.1 | Medium | 2023-09-12 |
| CVE-2023-37879 | Exposed Session Variable in Wing FTP Server <= 7.2.0 — Wing FTP ServerCWE-922 | 6.5 | Medium | 2023-09-12 |
| CVE-2023-37881 | Weak Access Control between Domains in Wing FTP Server <= 7.2.0 — Wing FTP ServerCWE-863 | 4.9 | Medium | 2023-09-12 |
This page lists every published CVE security advisory associated with Wing FTP Server. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.