CISA Flags Year-Old Wing FTP Vulnerability as Exploited
Summary
CISA has identified a year-old vulnerability in Wing FTP Server, tracked as CVE-2025-47813, which has been actively exploited. This flaw allows for the disclosure of the application's full local installation path.
IFF Assessment
FOE
This is bad news for defenders because an actively exploited vulnerability allows attackers to gain information about the system's installation path, potentially aiding further attacks.
Severity
4.3
Medium
Defender Context
Defenders should prioritize patching or mitigating Wing FTP Server deployments to address CVE-2025-47813. This vulnerability could be a stepping stone for more sophisticated attacks by revealing crucial information about the server's environment.