CVE-2020-37079

MEDIUM

Wing FTP Server < 6.2.7 - Cross-Site Request Forgery in Web Administration Interface

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37079. PoCs published by Dhiraj Mishra.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Wing FTP Server 6.2.6, allowing an authenticated attacker to delete the admin user via a crafted HTML form. The PoC includes a simple HTML page that submits a POST request to delete the admin account.

Description

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization.

Exploits (1)

exploitdb WORKING POC
by Dhiraj Mishra · textwebappsphp
https://www.exploit-db.com/exploits/48200

This exploit demonstrates a CSRF vulnerability in Wing FTP Server 6.2.6, allowing an authenticated attacker to delete the admin user via a crafted HTML form. The PoC includes a simple HTML page that submits a POST request to delete the admin account.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Wing FTP Server v6.2.6
Auth required
Prerequisites: Authenticated session · Victim interaction to visit malicious page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/48200
Various Sources product
https://www.wftpserver.com

Scores

CVSS v3 4.3
EPSS 0.0017
EPSS Percentile 6.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (1)
wftpserver/wing_ftp_server < 6.2.7
Published Feb 07, 2026
Tracked Since Feb 18, 2026