Notcos

**Name of the Vulnerable Software and Affected Versions** Wing FTP Server versions 4.3.8 and below **Description** The software contains a remote code execution issue that allows attackers to execute arbitrary PowerShell commands. An attacker can leverage a crafted Lua script payload with base64-encoded PowerShell to establish a reverse TCP shell. This is achieved by authenticating and sending a malicious request to the admin panel. The affected API endpoint is the admin interface. The vulnerable parameter is the request sent to the admin panel containing the Lua script payload. **Recommendations** Update Wing FTP Server to a version newer than 4.3.8.