CVE-2025-47813 is a vulnerability identified in Wing FTP Server versions prior to 7.4.4, involving the generation of error messages that disclose sensitive information. Specifically, when a long value is supplied in the UID cookie, the loginok.html page reveals the full local installation path of the Wing FTP Server application. This issue is classified under CWE-209, which pertains to the generation of error messages containing sensitive information. The vulnerability arises from insufficient sanitization or handling of input values leading to detailed error output that includes internal file system paths. The disclosed path information can assist attackers in mapping the server environment, facilitating targeted attacks such as directory traversal, privilege escalation, or other exploitation attempts. The CVSS v3.1 base score is 4.3 (medium severity), with an attack vector of network (AV:N), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), and only confidentiality impact (C:L) without affecting integrity or availability. No known exploits have been reported in the wild, but the vulnerability represents a reconnaissance risk that could be leveraged in multi-stage attacks. The affected product is Wing FTP Server, a cross-platform FTP server solution used by organizations for file transfer services. The vulnerability was reserved in May 2025 and published in July 2025. No official patches or updates are linked yet, but upgrading to version 7.4.4 or later is recommended once available.

The primary impact of CVE-2025-47813 is the disclosure of sensitive internal information, specifically the full local installation path of the Wing FTP Server application. While this does not directly compromise system integrity or availability, it provides attackers with valuable reconnaissance data that can be used to tailor further attacks such as privilege escalation, directory traversal, or exploitation of other vulnerabilities. Organizations relying on Wing FTP Server for critical file transfer operations may face increased risk of targeted attacks if this information is exposed. The vulnerability requires network access and low privileges, meaning an attacker with limited access could exploit it remotely without user interaction. Although no active exploits are known, the information leakage could facilitate more sophisticated attacks, especially in environments where FTP servers are exposed to untrusted networks. This could lead to data breaches or service disruptions if combined with other vulnerabilities. The impact is thus moderate but non-negligible, warranting timely remediation to prevent escalation.

To mitigate CVE-2025-47813, organizations should: 1) Upgrade Wing FTP Server to version 7.4.4 or later as soon as the patch is available, since this version addresses the vulnerability. 2) Implement strict access controls to limit network exposure of the FTP server, restricting access to trusted IP addresses and internal networks only. 3) Configure web server and application error handling to avoid detailed error messages that reveal internal paths or system information. 4) Employ web application firewalls (WAFs) or intrusion detection/prevention systems (IDS/IPS) to monitor and block suspicious requests, especially those with unusually long cookie values or malformed inputs. 5) Conduct regular security audits and penetration testing to identify and remediate similar information disclosure issues. 6) Educate administrators on secure configuration and monitoring of FTP servers to detect anomalous activities early. These steps go beyond generic advice by focusing on proactive error handling, network segmentation, and monitoring tailored to the nature of this vulnerability.