Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions when handling session cookies, a local user may view the contents of the session and session_admin directories, which expose active session cookies within the Wing FTP HTTP interface and administration panel. These cookies may be used to hijack user and administrative sessions, including the ability to execute Lua commands as root within the administration panel.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wing FTP Server 安全漏洞
Vulnerability Description
Wing FTP Server是一套跨平台的FTP服务器软件。 Wing FTP Server 6.2.5版本(2020月2日之前)中存在安全漏洞。本地攻击者可利用该漏洞查看会话内容及session_admin路径。
CVSS Information
N/A
Vulnerability Type
N/A