Skip to content

Commit a8bb218

Browse files
author
jenkins-metasploit
committed
automatic module_metadata_base.json update
1 parent 93f902f commit a8bb218

File tree

1 file changed

+60
-0
lines changed

1 file changed

+60
-0
lines changed

db/modules_metadata_base.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118519,6 +118519,66 @@
118519118519
"session_types": false,
118520118520
"needs_cleanup": null
118521118521
},
118522+
"exploit_multi/http/wingftp_null_byte_rce": {
118523+
"name": "Wing FTP Server NULL-byte Authentication Bypass (CVE-2025-47812)",
118524+
"fullname": "exploit/multi/http/wingftp_null_byte_rce",
118525+
"aliases": [],
118526+
"rank": 600,
118527+
"disclosure_date": "2025-06-30",
118528+
"type": "exploit",
118529+
"author": [
118530+
"Valentin Lobstein",
118531+
"Julien Ahrens"
118532+
],
118533+
"description": "Wing FTP Server allows arbitrary Lua code injection via a NULL-byte (%00) truncation bug (CVE-2025-47812).\n Supplying <valid-user>%00<lua-payload> as the username makes the C++ authentication routine validate only the prefix,\n while the full string is written unfiltered into the session file and later executed with root/SYSTEM privileges,\n leading to Remote Code Execution.",
118534+
"references": [
118535+
"CVE-2025-47812",
118536+
"URL-https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/"
118537+
],
118538+
"platform": "Linux,Unix,Windows",
118539+
"arch": "cmd",
118540+
"rport": 80,
118541+
"autofilter_ports": [
118542+
80,
118543+
8080,
118544+
443,
118545+
8000,
118546+
8888,
118547+
8880,
118548+
8008,
118549+
3000,
118550+
8443
118551+
],
118552+
"autofilter_services": [
118553+
"http",
118554+
"https"
118555+
],
118556+
"targets": [
118557+
"Unix/Linux Command Shell",
118558+
"Windows Command Shell"
118559+
],
118560+
"mod_time": "2025-07-05 22:25:45 +0000",
118561+
"path": "/modules/exploits/multi/http/wingftp_null_byte_rce.rb",
118562+
"is_install_path": true,
118563+
"ref_name": "multi/http/wingftp_null_byte_rce",
118564+
"check": true,
118565+
"post_auth": true,
118566+
"default_credential": false,
118567+
"notes": {
118568+
"Stability": [
118569+
"crash-safe"
118570+
],
118571+
"Reliability": [
118572+
"repeatable-session"
118573+
],
118574+
"SideEffects": [
118575+
"ioc-in-logs",
118576+
"artifacts-on-disk"
118577+
]
118578+
},
118579+
"session_types": false,
118580+
"needs_cleanup": null
118581+
},
118522118582
"exploit_multi/http/wondercms_rce": {
118523118583
"name": "WonderCMS Remote Code Execution",
118524118584
"fullname": "exploit/multi/http/wondercms_rce",

0 commit comments

Comments
 (0)