CISA Warns of Exploited Wing FTP Vulnerability from 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in Wing FTP Server, a widely deployed multi-protocol file transfer server, that is being exploited in the wild. The vulnerability, tracked as CVE-2025-47813, was first disclosed in May 2025 and has now been added to CISA's Known Exploited Vulnerabilities (KEV) catalog.

About Wing FTP

Wing FTP is a free, secure FTP server for Windows, macOS, and Linux that supports multiple file transfer protocols and allows administrators to manage and monitor the server remotely.

Vulnerability Details

A medium-severity flaw in the software's loginok.html endpoint discloses the full local installation path of the application when an overlong value is supplied in the UID cookie of a logged-in session.

According to security researcher Julien Ahrens of RCE Security, who discovered the bug and published proof-of-concept (PoC) code, supplying an overlong value in the UID cookie triggers an error message that includes the server's full local path. On its own the flaw is an information leak, but the disclosed path can aid exploitation of other Wing FTP vulnerabilities, including CVE-2025-47812, a critical-severity flaw that leads to remote code execution.

Exploitation and Patching

CVE-2025-47812 was patched in Wing FTP Server version 7.4.4 and was added to CISA's KEV catalog in July 2025. In June 2025, Censys reported that approximately 5,000 internet-exposed Wing FTP servers were likely susceptible to exploitation.
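The following is an added example, not code from the article, from RCE Security or from the Wing FTP vendor. It shows the two checks a defender would want after reading the sections above: a version comparison against the 7.4.4 fix release the article names for CVE-2025-47812, and a post-patch probe that sends an overlong UID cookie to loginok.html and looks for an absolute filesystem path in the response. Only the endpoint name, the cookie name and the 7.4.4 version come from the article; the request method, the cookie length, the path-matching heuristics and the sample response bodies are this example's own assumptions.

```python
"""Post-patch checks for Wing FTP Server, written as an illustration.
Assumptions (not from the article): GET is used for the probe, 2000 bytes
counts as 'overlong', and the leaked path is recognised by a generic
Windows-drive or POSIX-root pattern rather than by the exact error text."""
import re
import sys
import urllib.error
import urllib.request
from typing import Optional, Tuple

# Fix release for CVE-2025-47812 as stated in the article.
PATCHED_VERSION: Tuple[int, int, int] = (7, 4, 4)

# Heuristic path patterns (assumption: the error page format is not known,
# so we look for anything shaped like an absolute install path).
# Windows: drive letter, components may contain spaces, last component may not.
_WIN_PATH = re.compile(r'[A-Za-z]:\\(?:[^\\/:*?"<>|\r\n]+\\)*[^\\/:*?"<>|\r\n\s]*')
# POSIX: restricted to common install roots to avoid matching URL paths in HTML.
_POSIX_PATH = re.compile(r'/(?:opt|usr|home|var|srv|root|etc)/(?:[^\s/"\'<>]+/)*[^\s/"\'<>:]+')


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '7.4.4' (or '7.4') into a comparable 3-tuple."""
    parts = [int(p) for p in version.strip().split(".")[:3]]
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def is_patched(version: str) -> bool:
    """True if the reported server version is at or above the fix release."""
    return parse_version(version) >= PATCHED_VERSION


def build_probe_headers(uid_len: int = 2000) -> dict:
    """Headers carrying a UID cookie far longer than any real session id.
    The length is an assumption; the article only says 'overlong'."""
    return {
        "Cookie": "UID=" + "A" * uid_len,
        "User-Agent": "wingftp-path-leak-check",
    }


def extract_disclosed_path(body: str) -> Optional[str]:
    """Return an absolute filesystem path found in a response body, if any.
    A hit after patching means the information leak is still present."""
    for pattern in (_WIN_PATH, _POSIX_PATH):
        match = pattern.search(body)
        if match:
            return match.group(0)
    return None


def probe(base_url: str, timeout: float = 10.0) -> Optional[str]:
    """Send the overlong-cookie request to loginok.html and report any leaked
    path. Error responses are read too, since the leak is in an error message.
    Only run this against servers you are authorised to test."""
    request = urllib.request.Request(
        base_url.rstrip("/") + "/loginok.html",
        headers=build_probe_headers(),
        method="GET",  # assumption: the article does not state the method
    )
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            body = response.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        body = err.read().decode("utf-8", "replace")
    return extract_disclosed_path(body)


# Constructed sample bodies (not captured from a real server) for offline use.
SAMPLE_LEAK_WINDOWS = "Error: C:\\Program Files\\Wing FTP Server\\webadmin\\loginok.html not found"
SAMPLE_LEAK_POSIX = "lua: /opt/wingftp/webadmin/loginok.html:12: error"
SAMPLE_CLEAN = '<html><a href="/css/style.css">Login</a></html>'


if __name__ == "__main__":
    if len(sys.argv) == 2:
        print("leaked path:", probe(sys.argv[1]))
    else:
        for sample in (SAMPLE_LEAK_WINDOWS, SAMPLE_LEAK_POSIX, SAMPLE_CLEAN):
            print(repr(sample[:40]), "->", extract_disclosed_path(sample))
```

Run it with a base URL (for example the web interface port of a host you administer) to probe live, or with no arguments to see the heuristics against the constructed samples. A version string alone is not proof that the path leak is gone, which is why the probe exists; conversely a server that still leaks a path should be treated as unpatched for CVE-2025-47812 as well, since the article notes the two bugs are exploited together.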

CISA is urging federal civilian agencies to patch the vulnerability by March 30, the remediation deadline that applies to KEV entries under Binding Operational Directive 22-01. Because the path leak is mainly useful in combination with other Wing FTP bugs, organizations upgrading should confirm that CVE-2025-47812 is fixed on the same hosts. The agency's warning is a reminder of the importance of keeping software up to date and addressing known vulnerabilities in a timely manner.

Conclusion

The exploitation of this vulnerability highlights the ongoing risks associated with unpatched software and the need for organizations to prioritize vulnerability management and remediation. As threat actors continue to target known vulnerabilities, it is essential for organizations to stay vigilant and take proactive measures to protect their systems and data.
