Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default).
PoC: CVE-2025-47812
CVE-2025-47812 POC
PoC: CVE-2025-47812-poc
Wing FTP Server Remote Code Execution (RCE) Exploit (CVE-2025-47812)
PoC: CVE-2025-47812
CVE-2025-47812 Poc for wingdata HTB
PoC: Exploit_CVE-2025-47812
Unauthenticated_RCE.CVE-2025-47812
PoC: CVE-2025-47812
RCE for WingFTP v4.7.3
PoC: CVE-2025-47812-Wing-FTP-Server-7.4.3-Unauthenticated-RCE-PoC
Unauthenticated remote code execution vulnerability in Wing FTP Server <= 7.4.3.
PoC: CVE-2025-47812
CVE-2025-47812: Wing FTP Server 7.4.3 UnauthN RCE in sh
PoC: Blackash-CVE-2025-47812
CVE-2025-47812
PoC: Blackash-CVE-2025-47812
CVE-2025-47812
PoC: CVE-2025-47812
Improper Neutralization of Null Byte or NUL Character in WingFTP Servers - Detection Script
PoC: CVE-2025-47812
Exploit for CVE-2025-47812 with custom psudo shell and robust error handling.
PoC: WingFTP-CVE-2025-47812-illdeed
Remote Command Execution exploit for Wing FTP Server (CVE-2025-47812)
PoC: CVE-2025-47812
Wing FTP Server RCE via Lua Injection
PoC: CVE-2025-47812-poC
Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free