In the remote management panel there is a console written in the Lua language, which can be exploited to execute commands on the operating system through Lua's native os.execute() function. Below is a remote command execution PoC through the Lua console to obtain a reverse shell on the target machine.

The C:\Program Files (x86)Wing FTP Server_ADMINISTRATOR\admins.xml file stores the admin credentials, saving the password as an MD5 hash, which can be easily cracked, as shown in the image below. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

When accessing the Wing FTP Server remote management panel, the credentials are transmitted in the clear, as shown in the image below. Another vulnerability found is the unprotected storage of the application's admin credentials.

Wing FTP Server version 6.3.8 authenticated remote code execution exploit that leverages the web console.

Wing FTP Server 6.3.8: Vulnerability Description: A remote code execution vulnerability exists in Wing FTP Server.

You can also monitor server performance and online sessions and even receive email notifications about various events taking place on the server.