CVE-2025-47812 - Wing FTP Server Remote Code Execution (RCE)
by thermos - Monday July 28, 2025 at 02:54 PM
#11
(Jul 28, 2025, 02:54 PM)thermos Wrote: This vulnerability originates from Wing FTP Server's improper handling of NULL bytes within the username parameter during the authentication process. This allows attackers to inject Lua code directly into session files. These malicious session files are then executed when a valid session is loaded, leading to arbitrary command execution on the server.

Key features of this exploit include:

Remote Code Execution: Execute any command you choose on the target server.
Root/SYSTEM Privileges: Often achieves RCE with the highest system privileges due to the default configurations of Wing FTP Server.
Anonymous Access Exploitation: Can be leveraged even if only anonymous logins are permitted on the server.
Batch Scanning: Scan multiple targets by providing a list of URLs from a file.
Custom Command Execution: Specify and run any command you need on the vulnerable server.
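
Added illustration of the bug class the quoted post describes, written for this page and not taken from Wing FTP Server or from thermos's exploit: a login check that compares the username with C-string semantics (stops at the first NUL) while the session writer serialises the full byte string into a Lua session file, so everything after the NUL lands in the file as Lua. The allowed-user set, the session-file layout, the variable name `username` and the payload are constructed assumptions; the Lua `\ddd` escape syntax is real. Beside the vulnerable pair it shows the two fixes a reviewer would ask for (reject NUL and control bytes before the comparison, and escape when serialising) and a triage check for session files already on disk.

```python
import re

# Constructed model of a NUL-truncation mismatch between an authentication check
# and a Lua session writer.  Not Wing FTP Server's code: ALLOWED_USERS, the
# session layout and the "username" variable are assumptions for illustration.

ALLOWED_USERS = {b"anonymous"}


def c_str(raw: bytes) -> bytes:
    """What strlen/strcmp-based code sees: the bytes before the first NUL."""
    return raw.split(b"\x00", 1)[0]


def login_check_vulnerable(username: bytes) -> bool:
    """Accepts b'anonymous\\x00<anything>' because only the C-string prefix is compared."""
    return c_str(username) in ALLOWED_USERS


def write_session_vulnerable(username: bytes) -> bytes:
    """Length-aware writer with naive quoting: bytes after the NUL reach the file verbatim."""
    return b'username = "' + username + b'"\nlogged_in = true\n'


def lua_quote(raw: bytes) -> bytes:
    """Emit a Lua double-quoted literal; bytes outside printable ASCII become \\ddd escapes."""
    out = bytearray(b'"')
    for b in raw:
        if b == 0x5C:                 # backslash
            out += b"\\\\"
        elif b == 0x22:               # double quote
            out += b'\\"'
        elif 0x20 <= b <= 0x7E:       # printable ASCII passes through
            out.append(b)
        else:                         # NUL, newline, other control or high bytes
            out += b"\\%03d" % b      # always three digits so a following digit cannot extend it
    out += b'"'
    return bytes(out)


def login_check_hardened(username: bytes) -> bool:
    """Reject NUL and control bytes up front, then compare the full byte string."""
    if any(b < 0x20 or b == 0x7F for b in username):
        return False
    return username in ALLOWED_USERS


def write_session_hardened(username: bytes) -> bytes:
    """Same layout, but the value is escaped so it can only ever be one string literal."""
    return b"username = " + lua_quote(username) + b"\nlogged_in = true\n"


# A clean username line is exactly one Lua string literal with no raw NUL inside it.
_USERNAME_LINE = re.compile(rb'^username = "(?:[^"\\\x00]|\\.)*"$')


def session_is_suspicious(session: bytes) -> bool:
    """Triage check for session files on disk: raw NUL anywhere, or a username line
    that does not parse as a single clean literal, means something was injected."""
    if b"\x00" in session:
        return True
    for line in session.split(b"\n"):
        if line.startswith(b"username = ") and not _USERNAME_LINE.match(line):
            return True
    return False


def demo(username: bytes) -> dict:
    """Run one username through both code paths and return what each would do."""
    result = {
        "vulnerable_accepts": login_check_vulnerable(username),
        "hardened_accepts": login_check_hardened(username),
    }
    if result["vulnerable_accepts"]:
        result["vulnerable_session"] = write_session_vulnerable(username)
        result["vulnerable_suspicious"] = session_is_suspicious(result["vulnerable_session"])
    if result["hardened_accepts"]:
        result["hardened_session"] = write_session_hardened(username)
    return result


if __name__ == "__main__":
    # Constructed payload: a valid prefix, a NUL, then a closing quote and a second
    # Lua statement.  A harmless print stands in for the command the post mentions.
    payload = b'anonymous\x00"\nprint("injected")\n--'
    for label, user in (("plain", b"anonymous"), ("nul-injected", payload)):
        print(label, demo(user))
```

Running it shows the asymmetry the post relies on: the vulnerable check accepts the NUL-injected name as `anonymous`, and the session file it writes contains `print("injected")` as a statement of its own, which the triage check flags. The hardened check never reaches the writer, and even if a NUL did get through, `lua_quote` would turn it into `\000` inside the literal instead of terminating it. Rejecting NUL before the comparison is the simpler fix; escaping on output is the defence in depth.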