Wing FTP security advisory (AV25-391) - Update 1

Serial number: AV25-391
Date: July 3, 2025
Updated: July 10, 2025

On May 14, 2025, Wing FTP a published an update to address a critical vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following product:

• Wing FTP Server – version v7.4.3 and prior

Open-source reporting has indicated that proof-of-concept exploit code is available for CVE-2025-47812.

Update 1

On July 10, 2025, open-source reporting indicated that the Wing FTP Remote Code Execution vulnerability CVE-2025-47812 has been actively exploited in the wild. The vulnerability is rated a CVSS 10.0.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Wing FTP Server v7.4.4