CISA Urges Government Agencies to Patch Actively Exploited Wing FTP Server Vulnerability
The **Cybersecurity and Infrastructure Security Agency (CISA)** has issued a warning to U.S. government agencies, urging them to immediately secure their **Wing FTP Server** instances against **CVE-2025-47813**, an actively exploited vulnerability that can be chained for remote code execution (RCE) attacks.

**Vulnerability Details**
**Wing FTP Server** is a cross-platform FTP server solution offering secure file transfer capabilities via SFTP and integrated web servers. The software boasts a significant user base, with developers claiming over 10,000 customers worldwide, including entities like the **U.S. Air Force**, **Sony**, **Airbus**, **Reuters**, and **Sephora**.
Tracked as **CVE-2025-47813**, the vulnerability lets a low-privileged attacker learn the application's full local installation path on unpatched servers. On its own this is an information leak rather than code execution; its value to an attacker lies in the filesystem knowledge it supplies for a follow-on exploit.
"**Wing FTP Server** contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie," **CISA** explains in its advisory.
**Patch Availability and Related Vulnerabilities**
The developers addressed **CVE-2025-47813** in May 2025 with the release of **Wing FTP Server** v7.4.4. This update also included fixes for **CVE-2025-47812**, a critical RCE bug, and **CVE-2025-27889**, an information disclosure flaw that could be exploited to steal user passwords.
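The two checks a defender most wants after reading the advisory text above are a version triage (is a reported build at or above the fixed v7.4.4?) and a log triage for the condition CISA names, an abnormally long value in the UID cookie. The script below is an added example written for this page, not code from CISA, the researcher or the Wing FTP Server project. The sample request records are constructed and do not follow Wing FTP Server's real log format, and the 64-character length threshold is an assumption to be tuned per deployment; the fixed version is the one the advisory cites.

```python
"""Practitioner triage for CVE-2025-47813 (added example, not vendor or CISA code).

1. Version triage: is a reported Wing FTP Server build at or above the fixed
   release, v7.4.4?
2. Log triage: flag HTTP requests whose UID cookie value is unusually long,
   the condition the advisory says triggers the path-disclosing error message.
"""
import re

FIXED_VERSION = (7, 4, 4)   # from the advisory: fixed in Wing FTP Server v7.4.4
UID_LENGTH_THRESHOLD = 64   # assumption: legitimate session UIDs are short; tune per deployment


def parse_version(text):
    """Parse '7.4.3' or 'v7.4.4' into a comparable tuple of ints."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups())


def is_patched(version_text):
    """True if the reported version is v7.4.4 or later."""
    return parse_version(version_text) >= FIXED_VERSION


def uid_cookie_length(cookie_header):
    """Length of the UID cookie's value in a raw Cookie header, or 0 if no UID cookie is present.

    Parsed by hand rather than with http.cookies so that oversized or oddly
    encoded values (exactly what we are hunting for) are never silently dropped.
    """
    for part in cookie_header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name == "UID":
            return len(value)
    return 0


# Constructed sample records (NOT Wing FTP Server's real log format):
# (client address, request path, raw Cookie header, response status)
SAMPLE_REQUESTS = [
    ("10.0.0.5", "/", "UID=a1b2c3d4e5f6", 200),
    ("10.0.0.7", "/", "lang=en; UID=" + "A" * 512, 500),
    ("10.0.0.9", "/", "lang=en", 200),
]


def flag_long_uid_requests(records, threshold=UID_LENGTH_THRESHOLD):
    """Return the records whose UID cookie exceeds the threshold, with the observed length."""
    hits = []
    for client, path, cookie_header, status in records:
        n = uid_cookie_length(cookie_header)
        if n > threshold:
            hits.append({"client": client, "path": path, "uid_length": n, "status": status})
    return hits


if __name__ == "__main__":
    for v in ("7.4.3", "v7.4.4", "7.5.0"):
        print(f"{v}: {'patched' if is_patched(v) else 'VULNERABLE, upgrade to 7.4.4+'}")
    for hit in flag_long_uid_requests(SAMPLE_REQUESTS):
        print("suspicious UID cookie:", hit)
```

Any version below 7.4.4 is reported as vulnerable to all three CVEs fixed in that release, so the version check is the primary control; the cookie-length hunt is a secondary signal for deciding whether an unpatched host was already probed.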
**Exploitation in the Wild**
The RCE vulnerability, **CVE-2025-47812**, was previously reported as being actively exploited in the wild, with attacks commencing shortly after technical details were publicly disclosed.
Security researcher Julien Ahrens, who discovered and reported these vulnerabilities, also released proof-of-concept exploit code for **CVE-2025-47813** in June. Ahrens indicated that attackers might chain this vulnerability with **CVE-2025-47812** during exploitation attempts.
**CISA Action and Recommendations**
On Tuesday, **CISA** added **CVE-2025-47813** to its catalog of actively exploited vulnerabilities. Federal Civilian Executive Branch (FCEB) agencies have been given a two-week deadline to patch their systems, as mandated by Binding Operational Directive (BOD) 22-01, issued in November 2021.
While BOD 22-01 is specifically aimed at federal agencies, **CISA** strongly encourages all organizations, including those in the private sector, to promptly patch their servers to mitigate potential attacks.
"This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," **CISA** warned.
**Mitigation Guidance**
**CISA** recommends the following actions:
* Apply mitigations as per vendor instructions.
* Follow applicable BOD 22-01 guidance for cloud services.
* Discontinue use of the product if mitigations are unavailable.