A severe security vulnerability, tracked as CVE-2025-47812, has been identified in Wing FTP Server versions up to and including 7.4.3.
This flaw, classified under CWE-94: Code Injection, carries a maximum CVSSv4 score of 10.0, indicating its criticality and ease of exploitation.
The vulnerability was discovered by security researcher Julien Ahrens from RCE Security and publicly disclosed on June 30, 2025.
https://cyberpress.org/vulnerability-in ... tp-server/