Primary

Context

Wing FTP Server Lua Admin Console Privilege Escalation Vulnerability

Vulnerability

Patched

A critical vulnerability allowing unauthorized privilege escalation has been identified in Wing FTP Server versions through 7.4.3. The issue arises from an unknown function in the Lua Admin Console component, enabling remote execution with elevated privileges. Although the vulnerability is challenging to exploit, it can be addressed by upgrading to version 7.4.4.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands or scripts with elevated privileges, potentially allowing an attacker to perform actions or access resources that are normally restricted.

Remediation

Users are advised to upgrade to Wing FTP Server version 7.4.4, which addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

10.0

exploitability

6.6

remediation

8.3

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

10.0

exploitability

6.6

remediation

8.3

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wing FTP Server Lua Admin Console Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Wing FTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating