Users of Wing FTP Server versions v3.1.2 or earlier are strongly advised to update their software. In recent investigations, TrendLabs’ vulnerability research group found a vulnerability in the said versions that can be used to crash users’ FTP servers.
The bug is a denial-of-service (DoS) vulnerability, which can be exploited by using an invalid parameter for the PORT command. It affects version 3.1.2 for Windows although Wing FTP Server states that other versions may also be affected.
After we contacted them regarding this discovery, Wing FTP Server already released updates to address this vulnerability. Users of Wing FTP Server should update to version 3.2.0 or later.
Information on this can also be found in our security advisory found here.
Trend Micro reminds users to ensure that they keep applications up-to-date in order to help mitigate the risk of cybercrime.