Federal agencies urged to patch Wing FTP Server flaw following CISA warning

A vulnerability was added to the database, and it was found to be exploited in the wild.
Cybernews

CISA flags actively exploited vulnerability of file transfer software used by US Air Force and Sony

Tracked as CVE-2025-47813, the security flaw allows threat actors with low privileges to discover the full local installation path of the application on unpatched servers ...
Techzine Europe

CISA: Wing FTP Server vulnerabilities are being actively exploited

CISA warns of active exploitation of CVE-2025-47813 in Wing FTP Server, which allows attackers to determine the software’s ...

CISA flags Wing FTP Server flaw as actively exploited in attacks

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks.
SecurityWeek

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA warns that a Wing FTP vulnerability leading to the disclosure of the full local installation path has been exploited in attacks.
The Hacker News

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

CISA adds Wing FTP CVE-2025-47813 to KEV after active exploitation, exposing server paths and aiding attacks; patch by March 30, 2026.
Bleeping Computer

Exploit available for critical WS_FTP bug exploited in attacks

Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity remote code execution vulnerability in Progress Software's WS_FTP Server file sharing platform.