Unrated severityNVD Advisory· Published Jan 30, 2026· Updated Mar 5, 2026
Wing FTP Server 6.3.8 - Remote Code Execution
CVE-2020-37032
Description
Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the os.execute() function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 6.3.8
- Wing FTP Server/Wing FTP Serverv5Range: 6.3.8
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/48676mitreexploit
- www.vulncheck.com/advisories/wing-ftp-server-remote-code-executionmitrethird-party-advisory
- www.wftpserver.commitreproduct
News mentions
0No linked articles in our index yet.