Skip to main content

CVE-2025-47813: CWE-209 Generation of Error Message Containing Sensitive Information in wftpserver Wing FTP Server

Medium
VulnerabilityCVE-2025-47813cvecve-2025-47813cwe-209
Published: Thu Jul 10 2025 (07/10/2025, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: wftpserver
Product: Wing FTP Server

Description

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2025-05-10T00:00:00.000Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686ff1d3a83201eaaca8df04

Added to database: 7/10/2025, 5:01:07 PM

Last updated: 7/10/2025, 5:01:07 PM

Views: 1

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats