CISA Warns of Exploited Wing FTP Vulnerability from 2022
US Cybersecurity Agency Warns of Exploited Wing FTP Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in Wing FTP, a popular file transfer protocol (FTP) server, that has been exploited in the wild. The vulnerability, tracked as CVE-2025-47813, was first disclosed in May 2025 and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.
About Wing FTP
Wing FTP is a free, secure FTP server for Windows, macOS, and Linux that supports multiple file transfer protocols and allows administrators to manage and monitor the server remotely.
Vulnerability Details
The vulnerability is a medium-severity flaw in the software’s loginok.html endpoint: when a long value is supplied in the UID cookie of a logged-in session, the server’s response discloses the full local installation path of the application. On its own, a path disclosure is information leakage rather than code execution, but it hands an attacker the absolute paths needed to target files on the host in a follow-on attack.
Exploitation and Patching
The flaw was patched in Wing FTP Server version 7.4.4, the same release that fixed CVE-2025-47812, a separate and more severe Wing FTP Server vulnerability that was added to CISA’s KEV list in July 2025. In June 2025, Censys reported that approximately 5,000 internet-accessible servers were likely susceptible to exploitation via POST requests.
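The two checks a defender would want after reading the paragraphs above, as an added example that is not code from the original article or from Wing FTP Software: a version comparison against 7.4.4 (the release the article names as carrying the fix) and a scan of an HTTP response body for leaked absolute paths, with a probe that sends one request to /loginok.html carrying an oversized UID cookie. The cookie padding length, the parameter names and the sample response text are assumptions made for illustration; the article does not give the exact cookie value or error text involved.

```python
"""Added example for CVE-2025-47813 triage (not from the article or vendor).

ASSUMPTIONS: the article only says a long UID cookie value sent to
/loginok.html leaks the installation path. The 4096-byte padding, the probe
helper and SAMPLE_BODY below are illustrative, not the real trigger or output.
"""
import http.client
import re
from typing import List, Optional, Tuple

# Wing FTP Server release the article says fixes the flaw.
FIXED_VERSION = (7, 4, 4)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

# Windows: drive letter, then backslash-separated components (spaces allowed;
# stops at quotes, angle brackets, pipes or line ends).
# Unix: a leading slash and at least one more slash-separated component.
_PATH_RE = re.compile(
    r"[A-Za-z]:\\(?:[^\\\r\n\"'<>|]+\\)*[^\\\r\n\"'<>|]*"
    r"|/(?:[\w.-]+/)+[\w.-]*"
)


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return the first x.y.z version found in text, or None if absent."""
    m = _VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None


def is_vulnerable_version(banner: str) -> Optional[bool]:
    """True if the version in banner is older than 7.4.4, False if it is
    7.4.4 or later, None if no version could be parsed from the banner."""
    v = parse_version(banner)
    return None if v is None else v < FIXED_VERSION


def extract_leaked_paths(body: str) -> List[str]:
    """Return the distinct absolute Windows or Unix paths found in body."""
    return sorted({p.rstrip() for p in _PATH_RE.findall(body)})


def probe_loginok(host: str, port: int = 80, use_tls: bool = False,
                  uid_len: int = 4096, timeout: int = 10):
    """Send one GET /loginok.html with an oversized UID cookie (hypothetical
    probe; the real triggering value is not described on the page) and return
    (status, leaked_paths). Network call: only run against hosts you own."""
    conn_cls = http.client.HTTPSConnection if use_tls else http.client.HTTPConnection
    conn = conn_cls(host, port, timeout=timeout)
    try:
        conn.request("GET", "/loginok.html",
                     headers={"Cookie": "UID=" + "A" * uid_len})
        resp = conn.getresponse()
        body = resp.read().decode("utf-8", errors="replace")
        return resp.status, extract_leaked_paths(body)
    finally:
        conn.close()


# Constructed sample response body (not Wing FTP's real error text).
SAMPLE_BODY = (
    "<html><body>Warning: cannot open "
    "\"C:\\Program Files\\Wing FTP Server\\session\\abc.lua\"</body></html>"
)

if __name__ == "__main__":
    print(is_vulnerable_version("Wing FTP Server 7.4.3"))  # True
    print(extract_leaked_paths(SAMPLE_BODY))
```

The path scanner is deliberately format-agnostic (any drive-letter or slash path in the body) because the leaked value, not the surrounding error text, is what matters for triage; a hit from probe_loginok on a server older than 7.4.4 is a reason to patch, not a proof of compromise.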
CISA is urging federal civilian agencies, which must remediate KEV entries under Binding Operational Directive 22-01, to patch the vulnerability by March 30 to prevent potential exploitation. The agency’s warning serves as a reminder of the importance of keeping software up to date and addressing known vulnerabilities in a timely manner.
Conclusion
The exploitation of this vulnerability highlights the ongoing risks associated with unpatched software and the need for organizations to prioritize vulnerability management and remediation. As threat actors continue to target known vulnerabilities, it is essential for organizations to stay vigilant and take proactive measures to protect their systems and data.
