[Security Vulnerability Alert] CISA adds 3 known exploited vulnerabilities to the KEV catalog (2025/07/14-2025/07/20)

Issuing unit: Computer and Information Networking Center
Date range: 2025/7/23 ~ 2026/1/23
 
Administrative announcement
Audience: All

Forwarded from the Taiwan Computer Network Crisis Response and Coordination Center (TWCERT/CC), advisory TWCERTCC-200-202507-00000020

[Content Description]
1. [CVE-2025-47812] Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability (CVSS v3.1: 10.0)
[Known to be used in ransomware campaigns: unknown] Wing FTP Server mishandles null bytes (NUL characters) in user-supplied input, which allows arbitrary Lua code to be injected into user session files. An attacker can use this to execute arbitrary system commands with the privileges of the FTP service process, which by default runs as root or SYSTEM.
[Affected platforms] Wing FTP Server versions earlier than 7.4.4 (7.4.4 itself is not affected)

2. [CVE-2025-25257] Fortinet FortiWeb SQL Injection Vulnerability (CVSS v3.1: 9.8)
[Known to be used in ransomware campaigns: unknown] Fortinet FortiWeb contains an SQL injection vulnerability that allows an unauthenticated attacker to execute unauthorized SQL code or commands through crafted HTTP or HTTPS requests.
[Affected platforms] See the affected versions listed in the vendor advisory:
https://fortiguard.fortinet.com/psirt/FG-IR-25-151

3. [CVE-2025-53770] Microsoft SharePoint Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 9.8)
[Known to be used in ransomware campaigns: unknown] On-premises Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over the network. SharePoint Online in Microsoft 365 is not affected.
[Affected platforms] See the affected versions listed in the vendor advisory:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770
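Added illustration of the bug class behind item 1, the NUL-byte handling flaw in Wing FTP Server (CVE-2025-47812). This is constructed model code written for this advisory; it is not Wing FTP Server's code and is not taken from TWCERT/CC or CISA. The session-file layout (a Lua line of the form username = "<name>"), the attacker payload, the user list and every function name are assumptions made for the demonstration. The point it shows is the general one: when the authentication path reads the username with C-string semantics (stops at the first NUL) but the session-file writer copies the whole buffer into a Lua string literal, the bytes after the NUL are invisible to the check and visible to the interpreter.

```python
# Model of the bug class behind CVE-2025-47812: one input, two views.
# Constructed illustration for this advisory; NOT Wing FTP Server's code.
# Assumed for illustration: the session file is Lua containing a line of the
# form  username = "<name>"  and authentication compares the name with
# C-string semantics.

KNOWN_USERS = {b"anonymous"}

# Constructed attacker input: a valid name, a NUL, then Lua that closes the
# string literal and appends a statement.
PAYLOAD = b'anonymous\x00"; os.execute("id") --'


def c_str(data: bytes) -> bytes:
    """C-string view of a buffer: everything from the first NUL onward is invisible."""
    nul = data.find(b"\x00")
    return data if nul < 0 else data[:nul]


def login_vulnerable(username: bytes) -> bool:
    """Authentication only sees the NUL-terminated prefix, so the payload passes."""
    return c_str(username) in KNOWN_USERS


def session_file_vulnerable(username: bytes) -> bytes:
    """A length-aware writer embeds the whole buffer, NUL and all, in a Lua literal."""
    return b'username = "' + username + b'"\n'


def lua_escape(data: bytes) -> bytes:
    """Escape bytes for a double-quoted Lua literal: quote, backslash and every
    non-printable byte (including NUL) become escape sequences."""
    out = bytearray()
    for b in data:
        if b == 0x22:                 # double quote
            out += b'\\"'
        elif b == 0x5C:               # backslash
            out += b"\\\\"
        elif 0x20 <= b < 0x7F:        # printable ASCII passes through
            out.append(b)
        else:
            out += b"\\%03d" % b      # Lua decimal escape, e.g. \000 for NUL
    return bytes(out)


def login_hardened(username: bytes) -> bool:
    """Reject control bytes before any lookup and compare the full buffer."""
    if any(b < 0x20 or b == 0x7F for b in username):
        return False
    return username in KNOWN_USERS


def session_file_hardened(username: bytes) -> bytes:
    """Defence in depth: even a name that got this far cannot leave the literal."""
    return b'username = "' + lua_escape(username) + b'"\n'


def lua_code_after_literal(line: bytes) -> bytes:
    """Scan the double-quoted Lua literal after 'username = ' and return whatever
    source text follows its closing quote. Empty means the name stayed inside the
    literal; anything else is attacker-controlled Lua the interpreter would run."""
    prefix = b'username = "'
    if not line.startswith(prefix):
        raise ValueError("unexpected session line")
    i = len(prefix)
    while i < len(line):
        c = line[i]
        if c == 0x5C:            # backslash: skip the escaped byte (\ddd digits are harmless)
            i += 2
            continue
        if c == 0x22:            # closing quote: everything after it is code
            return line[i + 1:].strip()
        i += 1
    return b""                   # unterminated literal: nothing executes


def demo() -> dict:
    """Run the payload through both code paths and report what each does."""
    return {
        "vulnerable_login_accepted": login_vulnerable(PAYLOAD),
        "vulnerable_injected_lua": lua_code_after_literal(session_file_vulnerable(PAYLOAD)),
        "hardened_login_accepted": login_hardened(PAYLOAD),
        "hardened_injected_lua": lua_code_after_literal(session_file_hardened(PAYLOAD)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Running the file shows the vulnerable path accepting the login and writing a session line whose literal closes early, leaving `; os.execute("id") --"` as executable Lua (the trailing quote is swallowed by the `--` comment), while the hardened path rejects the name at the boundary and, independently, keeps any remaining bytes inside the literal. The two fixes are deliberately separate: rejecting NUL and other control bytes at the protocol boundary removes the parser disagreement, and escaping at the point of code generation removes the injection even if a future code path forgets the first check.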

[Affected Platforms]
See the affected platforms listed under each item in the Content Description above.

[Recommended Measures]
1. [CVE-2025-47812] Upgrade the affected product to the following version or later: Wing FTP Server 7.4.4

2. [CVE-2025-25257] The vendor has released a fix; update to the fixed versions listed in the advisory:
https://fortiguard.fortinet.com/psirt/FG-IR-25-151

3. [CVE-2025-53770] The vendor has released a fix; update to the fixed versions listed in the advisory:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770

All three entries are in the KEV catalog because exploitation in the wild has already been observed, so an Internet-exposed instance that was unpatched during the exposure window should be reviewed for signs of compromise after updating rather than assumed clean. For SharePoint, Microsoft's guidance also calls for rotating the server's ASP.NET machine keys after the update is installed, since an attacker who has already extracted them can keep forging requests on a patched server.


