Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

A critical vulnerability in Wing FTP Server, identified as CVE-2025-47812, is currently being exploited in the wild. This flaw allows attackers to execute arbitrary code via Lua injection, posing a significant threat to affected systems.

The vulnerability has been rated as critical due to its potential to allow remote code execution without authentication. Organizations using Wing FTP Server are urged to apply patches immediately to mitigate the risk of exploitation.

Security researchers have observed active exploitation attempts targeting this vulnerability. The attacks are leveraging the flaw to gain unauthorized access to sensitive data and potentially take control of the affected servers.

The discovery of this vulnerability underscores the importance of regular software updates and the need for organizations to remain vigilant against emerging threats. Wing FTP Server users should consult the vendor's advisory for patch details and apply the updates without delay.