POC详情: 190c2a2750e2504fdb6e1959327641cf4938d3f8

来源
https://github.com/0xcan1337/CVE-2025-47812-poC
关联漏洞
标题: Wing FTP Server 7.4.3及 安全漏洞 (CVE-2025-47812)
描述:Wing FTP Server是Wing FTP Server开源的一套跨平台的FTP服务器软件。 Wing FTP Server 7.4.3版本及之前版本存在安全漏洞。攻击者利用该漏洞可以远程执行代码。
描述
Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only.
介绍
# CVE-2025-47812-poC
Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only.

# Vulnerability Details
This security vulnerability was publicly disclosed and detailed by RCESecurity (https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/). 

The exploit was developed by me for educational and testing purposes. I am not the original discoverer of the vulnerability.

# Wing FTP Server RCE (CVE-2025-47812)
The vulnerability exists due to improper handling of NULL bytes in the username parameter during login in Wing FTP Server versions 7.4.3 and earlier. This allows unauthenticated attackers to inject Lua code into session files, leading to remote code execution with elevated privileges.

This PoC exploit allows:

Arbitrary command execution on the vulnerable server.
Opening a reverse shell connection for interactive access.

Usage and poC video:

<pre markdown="1">python CVE-2025-47812-poC.py</pre>

![Demo](wftp-rce.gif)

1) Run command: It allows you to run commands directly on the target server. Enter the target URL and username, then provide the command to execute and receive its output.
2) Get Reverse Shell: It allows you obtain a reverse shell on the server. Specify your LHOST and LPORT values to establish the reverse shell connection.

# Affected Versions
Wing FTP Server versions 7.4.3 and earlier are vulnerable.

Versions from 7.4.4 onwards have patched this issue.

## Disclaimer
This exploit is provided for **educational purposes only**.  
Use it responsibly and only on systems you have explicit permission to test.  
The author is not responsible for any misuse or damage caused by this tool.
文件快照

 [4.0K]  /data/pocs/190c2a2750e2504fdb6e1959327641cf4938d3f8
├── [5.1K]  CVE-2025-47812-poC.py
├── [1.0K]  LICENSE
├── [1.7K]  README.md
└── [5.9M]  wftp-rce.gif

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。