Active Exploitation of Wing FTP Information Disclosure (CVE‑2025‑47813) Leaks Server Paths
What It Is — A medium‑severity information‑disclosure flaw in Wing FTP Server (CVE‑2025‑47813) reveals the installation directory of the application when certain error conditions are triggered. The vulnerability scores CVSS 4.3.
Exploitability — CISA has placed the flaw in its Known Exploited Vulnerabilities (KEV) catalog, confirming that threat actors are actively leveraging the bug in the wild. Public PoCs have been observed in underground forums.
Affected Products — Wing FTP Server 7.x‑8.x (Windows and Linux deployments).
TPRM Impact —
- Third‑party file‑transfer services that host sensitive data may expose internal path structures, facilitating subsequent privilege‑escalation or ransomware attacks.
- Organizations that rely on Wing FTP as a supply‑chain component could inherit the risk without direct control over patching schedules.
Recommended Actions —
- Verify whether Wing FTP Server is used by any critical vendors or internal teams.
- Apply the vendor‑released patch (or upgrade to the latest major version) immediately.
- Conduct a configuration review to ensure error messages do not disclose file system details.
- Update incident‑response playbooks to include detection of anomalous FTP requests that enumerate paths.
- Monitor CISA KEV feeds for any new exploitation indicators.
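For the configuration review and detection actions above, one way to check captured server responses for disclosed filesystem paths, as an added example that is not from the source article or the vendor. The response records, the "ExampleFTP" name and its paths are constructed, and the list of POSIX install roots is an assumption to adjust per environment.

```python
import re

# Characters allowed inside a Windows path segment (spaces permitted mid-path).
SEG = r"[^\\/:*?\"<>|'\r\n]"
LAST = r"[^\\/:*?\"<>|'\r\n\s]"  # final segment stops at whitespace
WINDOWS_PATH = re.compile(
    r"(?<![A-Za-z0-9])[A-Za-z]:\\(?:" + SEG + r"+\\)*" + LAST + r"*")
# POSIX paths under common install roots (assumed list); the lookbehind
# skips URL paths such as https://host/usr/share/doc.
POSIX_PATH = re.compile(
    r"(?<![\w/.:])/(?:opt|usr|var|home|etc|srv|root|tmp)(?:/[\w.+-]+)+")


def find_path_leaks(body):
    """Return absolute filesystem paths found in a response body."""
    return WINDOWS_PATH.findall(body) + POSIX_PATH.findall(body)


def redact(body):
    """Replace any disclosed path with a fixed marker before it is returned."""
    return POSIX_PATH.sub("[path]", WINDOWS_PATH.sub("[path]", body))


def audit(responses):
    """Return (id, status, paths) for every response that leaks a path."""
    findings = []
    for r in responses:
        paths = find_path_leaks(r["body"])
        if paths:
            findings.append((r["id"], r["status"], paths))
    return findings


# Constructed sample responses; "ExampleFTP" and its paths are hypothetical.
SAMPLE_RESPONSES = [
    {"id": "r1", "status": 200, "body": "<html>Login OK</html>"},
    {"id": "r2", "status": 500, "body":
     "Error: cannot open file 'C:\\Program Files\\ExampleFTP\\session\\abc.lua'"},
    {"id": "r3", "status": 500, "body":
     "stack traceback: /opt/exampleftp/lua/login.lua:42: in function"},
    {"id": "r4", "status": 404, "body":
     "See https://example.com/usr/share/doc for help"},
]

if __name__ == "__main__":
    for rid, status, paths in audit(SAMPLE_RESPONSES):
        print(rid, status, paths)
```

The same patterns can run in a reverse proxy or log pipeline so that a response containing a path raises an alert even when the server itself cannot be reconfigured.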
Source: The Hacker News