CVE-2023-37881

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 15, 2023

CWE ID 863

Summary

CVE-2023-37881 is a vulnerability affecting the Wing FTP Server's Admin Web Client, where access control is weak. An attacker can exploit this issue, present in versions below 7.2.0, to gain privilege escalation, enabling unauthorized access to higher-level functions and potentially sensitive data. This vulnerability poses a significant risk to organizations using the affected version of Wing FTP Server. It is crucial for administrators to update their systems to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8c6Sp
https://www.cve.org/CVERecord?id=CVE-2023-37881
https://nvd.nist.gov/vuln/detail/CVE-2023-37881

Back to Vulnerability Database

CVE-2023-37881

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations