Количество 2
Количество 2
CVE-2022-50934
Rejected reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue.
GHSA-5wrh-xjpw-88r6
Wing FTP Server versions 4.3.8 and below contain an authenticated remote code execution vulnerability that allows attackers to execute arbitrary PowerShell commands through the admin interface. Attackers can leverage a crafted Lua script payload with base64-encoded PowerShell to establish a reverse TCP shell by authenticating and sending a malicious request to the admin panel.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-50934 Rejected reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. | 26 дней назад | ||
| GHSA-5wrh-xjpw-88r6 Wing FTP Server versions 4.3.8 and below contain an authenticated remote code execution vulnerability that allows attackers to execute arbitrary PowerShell commands through the admin interface. Attackers can leverage a crafted Lua script payload with base64-encoded PowerShell to establish a reverse TCP shell by authenticating and sending a malicious request to the admin panel. | CVSS3: 8.8 | 26 дней назад |
Уязвимостей на страницу