Security Advisory

CVE-2020-37079

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-06 23:16:47

Last updated 2026-03-05 01:27:46

Assigner VulnCheck

State PUBLISHED

Description

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization.

← Browse all CVEs View on cve.org ↗