CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

CISA has added CVE-2025-47813, an information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities catalog.

• •CVE-2025-47813 (CVSS 4.3) leaks the server's installation path when a long value is supplied in the UID cookie, triggering an error message with the full local path.
• •The flaw affects all Wing FTP Server versions up to and including 7.4.3; it was patched in version 7.4.4 released in May 2025.
• •Version 7.4.4 also fixes CVE-2025-47812 (CVSS 10.0), a critical remote code execution bug actively exploited since July 2025.
• •Attackers exploiting CVE-2025-47812 have been observed downloading malicious Lua files, conducting reconnaissance, and installing remote monitoring tools.
• •FCEB agencies are required to apply the fix by March 30, 2026.