1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

Known Exploited Vulnerabilities CVE-2025-47812

Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default).

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2025-47812 Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability exploitation_technique T1068 Exploitation for Privilege Escalation
Comments
An attacker can craft a message in Lua that injects a null byte, allowing admin access to Wing FTP sessions.
References
  1. https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild
CVE-2025-47812 Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
An attacker can craft a message in Lua that injects a null byte, allowing admin access to Wing FTP sessions.
References
  1. https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild