
CVE-2025-47813: CWE-209 Generation of Error Message Containing Sensitive Information in wftpserver Wing FTP Server

Medium
Tags: Vulnerability, CVE-2025-47813, CWE-209
Published: Thu Jul 10 2025 (07/10/2025, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: wftpserver
Product: Wing FTP Server

Description

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

AI-Powered Analysis

Last updated: 07/10/2025, 17:16:09 UTC

Technical Analysis

CVE-2025-47813 is a medium-severity information disclosure in Wing FTP Server versions before 7.4.4. When the UID cookie sent to loginok.html carries an abnormally long value, the server's error handling fails and the resulting error message reveals the full local installation path of the application. This is the pattern catalogued as CWE-209 (Generation of Error Message Containing Sensitive Information): an internal failure is reported to the client verbatim instead of being logged server-side and replaced with a generic message.

The CVSS 3.1 base score is 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). The attack is network-reachable (AV:N) with low complexity (AC:L), needs no user interaction (UI:N) and stays within the vulnerable component (S:U). It does require low privileges (PR:L), so the attacker must already hold some valid access to the affected web interface. The impact is limited to confidentiality (C:L), with no effect on integrity or availability.

No exploitation in the wild had been reported at the time of this analysis. The value of the leak lies in reconnaissance: the absolute installation path reveals the operating system and disk layout, sometimes the account or naming convention used at deployment, and it is frequently a prerequisite for turning other weaknesses (directory traversal, arbitrary file read or write, configuration tampering) into a working exploit, since those usually need exact on-disk paths. On its own the flaw grants nothing beyond that information.
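
The following Python is an added illustration of the CWE-209 pattern described above. It is not Wing FTP Server's code, and the advisory does not say how the server builds its error page. It models a login-completion handler that resolves a session file under the installation directory from the UID cookie: an overlong UID produces a "file name too long" error whose text carries the absolute path, the vulnerable handler echoes that text to the client, and the hardened handler validates the cookie before any path is built and returns only an opaque reference. The install directory /opt/example-ftpd, the session-file layout, the 255-character name limit and the 64-character cookie cap are assumptions.

```python
"""CWE-209 illustration (added example; not Wing FTP Server's code).

A hypothetical login handler looks up a session file named after the UID
cookie inside the application's install directory.  An overlong UID makes
the file name exceed the filesystem's limit; the vulnerable handler echoes
the resulting OSError, which carries the full path, back to the client.
The hardened handler validates the cookie first and never puts exception
text into the response.
"""
import errno
import logging
import os
import uuid
from typing import Dict, Tuple

# Hypothetical install location; stands in for the real path the advisory says is leaked.
INSTALL_DIR = "/opt/example-ftpd"
SESSION_DIR = os.path.join(INSTALL_DIR, "session")
NAME_MAX = 255      # typical per-component file name limit on Linux filesystems
UID_MAX_LEN = 64    # assumption: genuine session identifiers are far shorter

log = logging.getLogger("loginok")


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Minimal Cookie: header parser ("UID=abc; lang=en" -> {"UID": "abc", "lang": "en"})."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name.strip()] = value.strip()
    return cookies


def load_session(uid: str) -> dict:
    """Simulates opening <SESSION_DIR>/<uid> without real I/O: the length check
    reproduces the ENAMETOOLONG the OS would raise, including the full path in
    the error message, which is exactly what a CWE-209 handler then leaks."""
    path = os.path.join(SESSION_DIR, uid)
    if len(os.path.basename(path)) > NAME_MAX:
        raise OSError(errno.ENAMETOOLONG, os.strerror(errno.ENAMETOOLONG), path)
    return {"uid": uid, "user": "demo"}


def loginok_vulnerable(cookie_header: str) -> Tuple[int, str]:
    """Returns (status, body).  The exception text, and with it INSTALL_DIR, reaches the client."""
    uid = parse_cookie_header(cookie_header).get("UID", "")
    try:
        session = load_session(uid)
    except OSError as exc:
        return 500, f"<h1>Login error</h1><pre>{exc}</pre>"
    return 200, f"Welcome {session['user']}"


def loginok_hardened(cookie_header: str) -> Tuple[int, str]:
    """Rejects malformed or overlong cookies before any path is built, so the
    ENAMETOOLONG case is never reached; any other failure is logged with an
    opaque reference and the client sees only that reference."""
    uid = parse_cookie_header(cookie_header).get("UID", "")
    if not uid.isalnum() or len(uid) > UID_MAX_LEN:
        return 400, "Invalid session cookie"
    try:
        session = load_session(uid)
    except OSError as exc:
        ref = uuid.uuid4().hex[:12]
        log.error("loginok failure ref=%s: %s", ref, exc)  # path stays in the server log
        return 500, f"Login error (reference {ref})"
    return 200, f"Welcome {session['user']}"


if __name__ == "__main__":
    long_uid = "A" * 300  # constructed overlong cookie value
    for handler in (loginok_vulnerable, loginok_hardened):
        status, body = handler(f"UID={long_uid}; lang=en")
        print(handler.__name__, status, "leaks install path:", INSTALL_DIR in body)
```

Run directly, it prints both handlers' responses to a 300-character UID; the leak check is simply whether INSTALL_DIR appears in the body, which is also a usable regression test for any error page the server renders.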

Potential Impact

For European organizations running Wing FTP Server, the risk is moderate and limited to information leakage. The disclosed installation path gives an attacker who already holds low-privileged access concrete knowledge of the server environment, which makes follow-on attacks easier to aim. The vulnerability does not by itself compromise data integrity or availability, but it can be a stepping stone: combined with another flaw that needs an absolute path, or with a misconfiguration such as an over-permissive directory, the leaked path shortens the attacker's work. Organizations handling sensitive or regulated data (financial institutions, healthcare providers, government agencies) should weigh the disclosure accordingly, and European data protection rules such as GDPR, which require appropriate technical measures, argue against leaving system details exposed that could facilitate a breach. The immediate impact is therefore limited, but the vulnerability raises the likelihood of a more severe incident when chained with other weaknesses.

Mitigation Recommendations

Upgrade Wing FTP Server to version 7.4.4 or later, where the issue is fixed; this is the only complete remediation and should be prioritized. Until the upgrade is deployed, a web application firewall or reverse proxy in front of the web interface can reject requests whose UID cookie is abnormally long; set the cap well above the length of the server's own session identifiers so legitimate users are unaffected, and log and alert on the same condition as an attempted probe, keyed on source address and the loginok.html path. Restrict network access to the web and administration interfaces to trusted ranges and review account provisioning and privileges, since exploitation requires an authenticated, low-privileged user. More generally, confirm that error pages returned by the server contain no stack traces, file paths or internal identifiers; an opaque reference that correlates with a server-side log entry gives operators what they need without informing attackers. Finally, include information-disclosure checks (oversized and malformed cookies, headers and parameters) in regular security assessments and penetration tests so similar issues are found before they are published.
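
As an added example (not code from this page, its source or the vendor), the following Python emulates the stopgap rule recommended above over constructed reverse-proxy records and adds a response-side check for leaked absolute paths, which is how to verify after the upgrade that the error page no longer discloses the installation directory. The JSON record fields, the 64-character threshold and the sample addresses are assumptions; the log lines are constructed, not real Wing FTP Server or proxy output.

```python
"""Detection stopgap for overlong UID cookies (added example; not from the
page's source or from the vendor).

Emulates the WAF/log rule recommended above against constructed reverse-proxy
records, one JSON object per request, and checks an HTTP response body for an
absolute filesystem path.  Field names and the 64-character threshold are
assumptions; keep the threshold comfortably above the length of the server's
genuine UID values.
"""
import json
import re
from typing import List, Optional

UID_MAX_LEN = 64  # assumption: genuine UID cookies are far shorter than this

# Absolute Windows (C:\...) or Unix (/opt/..., /usr/...) paths, the shape an
# installation-path leak takes inside an error page.
PATH_LEAK_RE = re.compile(
    r"(?:[A-Za-z]:\\[^\s'\"<>]+|/(?:opt|usr|var|home|srv)/[^\s'\"<>]+)"
)

# Constructed sample records (not real Wing FTP Server or proxy logs).
SAMPLE_LOG = "\n".join([
    json.dumps({"ts": "2025-07-10T12:00:01Z", "src": "203.0.113.5",
                "path": "/loginok.html", "cookie": "UID=a1b2c3d4e5f6; lang=en",
                "status": 200}),
    json.dumps({"ts": "2025-07-10T12:00:07Z", "src": "198.51.100.7",
                "path": "/loginok.html", "cookie": "UID=" + "A" * 300,
                "status": 500}),
    json.dumps({"ts": "2025-07-10T12:00:09Z", "src": "203.0.113.5",
                "path": "/login.html", "cookie": "", "status": 200}),
    json.dumps({"ts": "2025-07-10T12:00:15Z", "src": "192.0.2.44",
                "path": "/login.html", "cookie": "theme=dark; UID=" + "B" * 200,
                "status": 200}),
])


def uid_from_cookie_header(header: str) -> Optional[str]:
    """Return the UID cookie's value from a Cookie: header, or None if absent."""
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name.strip() == "UID":
            return value.strip()
    return None


def overlong_uid_hits(log_text: str, max_len: int = UID_MAX_LEN) -> List[dict]:
    """Flag every request whose UID cookie exceeds max_len.  The rule is not
    limited to loginok.html: the cookie travels with every request and a probe
    may touch other pages first, so the path is kept for triage instead."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        uid = uid_from_cookie_header(rec.get("cookie", ""))
        if uid is not None and len(uid) > max_len:
            hits.append({"ts": rec["ts"], "src": rec["src"], "path": rec["path"],
                         "uid_len": len(uid), "status": rec.get("status")})
    return hits


def response_leaks_path(body: str) -> Optional[str]:
    """Return the first absolute path found in a response body, or None.
    Use it to confirm that the upgraded server, or a hardened error page,
    no longer discloses its installation directory."""
    match = PATH_LEAK_RE.search(body)
    return match.group(0) if match else None


if __name__ == "__main__":
    for hit in overlong_uid_hits(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['src']} {hit['path']} UID length {hit['uid_len']} "
              f"status {hit['status']}")
    # Constructed error bodies: one leaking a path, one opaque.
    print(response_leaks_path("File name too long: '/opt/example-ftpd/session/AAAA'"))
    print(response_leaks_path("Login error (reference 4f1c9a)"))
```

The 500 status on the flagged loginok.html record is the combination worth alerting on with priority: an overlong UID followed by a server error is the advisory's trigger condition observed end to end, whereas an overlong cookie with a 200 response is more likely a scanner or a misbehaving client.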


Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2025-05-10T00:00:00.000Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686ff1d3a83201eaaca8df04

Added to database: 7/10/2025, 5:01:07 PM

Last enriched: 7/10/2025, 5:16:09 PM

Last updated: 7/11/2025, 2:14:38 AM
