CVE-2019-25267

Name of the Vulnerable Software and Affected Versions Wing FTP Server version 6.0.7

Description The software contains an unquoted service path issue that may allow local attackers to execute arbitrary code with elevated system privileges. Exploitation involves the unquoted binary path within the service configuration, enabling the injection of malicious executables that run with LocalSystem permissions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.