EIP-2026-118121

This exploit demonstrates a privilege escalation vulnerability in Wing FTP Server 6.2.3 by forging a user account with full permissions via SSH access and then editing /etc/shadow through the HTTP interface. It combines two CVEs (CVE-2020-8635 and CVE-2020-8634) to achieve local privilege escalation.