Serial number: AV25-391
Date: July 3, 2025
Updated: July 10, 2025
On May 14, 2025, Wing FTP a published an update to address a critical vulnerability in the following product:
- Wing FTP Server – version v7.4.3 and prior
Open-source reporting has indicated that proof-of-concept exploit code is available for CVE-2025-47812.
Update 1
On July 10, 2025, open-source reporting indicated that the Wing FTP Remote Code Execution vulnerability CVE-2025-47812 has been actively exploited in the wild. The vulnerability is rated a CVSS 10.0.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.