A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress.
The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null ('\0') bytes in the server's web interface, which allows for remote code execution. It has been addressed in version 7.4.4.
"The user and



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/07/critical-wing-ftp-server-vulnerability.html