
æè¿ãWing FTP Serverã§çºèŠãããæ å ±æŒããè匱æ§CVE-2025-47813ãå®éã®æ»æã«æªçšãããŠããå åã確èªãããç±³åœã®ãµã€ããŒã»ãã¥ãªãã£ã»ã€ã³ãã©ã»ãã¥ãªãã£åºïŒCISAïŒã¯ããã Known Exploited Vulnerabilities(KEV) ã«ã¿ãã°ã«è¿œå ããŸãããåœè©²è匱æ§ã¯CVSSã¹ã³ã¢4.3ã®äžçšåºŠã«åé¡ãããŸããããµãŒããŒã®ããŒã«ã«ã€ã³ã¹ããŒã«ãã¹ãé²åºããå¯èœæ§ãããç¹ãããåãªãæ å ±æŒããã«ãšã©ãŸããªãã»ãã¥ãªãã£ãªã¹ã¯ããããŸããç¹ã«åäžè£œåã§çºèŠããããªã¢ãŒãã³ãŒãå®è¡ïŒRCEïŒè匱æ§CVE-2025-47812ãšçµã¿åãããããšã§ãå®éã®æ»æãã§ãŒã³ã®äžéšãšããŠæªçšãããå¯èœæ§ãææãããŠãããã»ãã¥ãªãã£ã³ãã¥ããã£ã®é¢å¿ãé«ãŸã£ãŠããŸãã
Wing FTP Serverã¯ãFTPãSFTPãHTTPããŒã¹ã®ãã¡ã€ã«è»¢éæ©èœãæäŸããã¯ãã¹ãã©ãããã©ãŒã ã®ãµãŒããŒãœãããŠã§ã¢ã§ãããäžçäžã®æ°åã®çµç¹ã§å©çšãããŠããŸãããã®ãããªç°å¢ã«ãããŠãã€ã³ã¿ãŒãããã«é²åºãããã¡ã€ã«è»¢éãµãŒããŒã¯æ»æè ã«ãšã£ãŠåæäŸµå ¥ãã€ã³ããšãªãåŸãŸããããã«ãè匱æ§ãšå€éšé²åºãçµã¿åãããããšã§ãå®éã®æ»æã«ã€ãªããå¯èœæ§ã倧ããé«ãŸããŸãã
æ¬èšäºã§ã¯ãWing FTP Serverã®è匱æ§CVE-2025-47813ã®æè¡çãªåé¡ã𿻿å¯èœæ§ãåæããCriminal IPã®ããŒã¿ãåºã«ã€ã³ã¿ãŒãããäžã«é²åºããWing FTPãµãŒãã¹ã®çŸç¶ãéããŠãæ»æå¯Ÿè±¡é åã®èгç¹ããã®ã»ãã¥ãªãã£äžã®ç€ºåãèå¯ããŸãã
Wing FTPãµãŒããŒèåŒ±æ§æŠèŠ

| é ç® | å 容 |
|---|---|
| è匱æ§ID | CVE-2025-47813 |
| 圱é¿è£œåã | Wing FTP Server |
| è匱æ§ã¿ã€ã | Information Disclosure |
| CVSSã¹ã³ã¢ | 4.3 (Medium) |
| äž»ãªåœ±é¿ | ãµãŒããŒã®ããŒã«ã«ã€ã³ã¹ããŒã«ãã¹ã®é²åº |
| 圱é¿ããŒãžã§ã³ | 7.4.3 ä»¥äž |
| ä¿®æ£ããŒãžã§ã³ | 7.4.4 |
CVE-2025-47813ã¯ãWing FTP Serverã®WebèªèšŒåŠçã«ãããŠå ¥åæ€èšŒãé©åã«è¡ãããŠããªãåé¡ã«ããçºçããŸãããã®è匱æ§ã¯ /loginok.html ãšã³ããã€ã³ãã§çºçããæ»æè ãUIDã»ãã·ã§ã³ã¯ãããŒã®å€ã«é床ã«é·ãæååãæ¿å ¥ããå ŽåããµãŒããŒããšã©ãŒã¡ãã»ãŒãžãè¿ãéçšã§ããŒã«ã«ã€ã³ã¹ããŒã«ãã¹ãé²åºããæ§é ãšãããŠããŸãã
å ·äœçãªåäœãããŒã¯æ¬¡ã®ãšããã§ãã
- æ»æè ãç°åžžã«é·ãUIDã¯ãããŒå€ãå«ããªã¯ãšã¹ããéä¿¡
- ãµãŒããŒãåœè©²å€ãåŠçããéçšã§ãã¹é·ã®å¶éãè¶ é
- ãšã©ãŒã¡ãã»ãŒãžãçºç
- ãšã©ãŒã¡ãã»ãŒãžã«ã¢ããªã±ãŒã·ã§ã³ã®å®å šãªããŒã«ã«ãã¡ã€ã«ãã¹ãå«ãŸããŠè¿åŽ
ãã®è匱æ§èªäœã¯çŽæ¥çãªãªã¢ãŒãã³ãŒãå®è¡ãå¯èœã«ãããã®ã§ã¯ãããŸãããããããæ»æè ããµãŒããŒã®ãã¡ã€ã«ã·ã¹ãã æ§é ãã€ã³ã¹ããŒã«äœçœ®ã«é¢ããæ å ±ãååŸã§ããç¹ãããè¿œå æ»æã®ããã®åµå¯æ®µéãšããŠå©çšãããå¯èœæ§ããããŸãã
RCEè匱æ§ãšã®çµã¿åããã®å¯èœæ§
äžéšã®ã»ãã¥ãªãã£ç ç©¶è ã¯ãä»åã®Wing FTP Serverã®è匱æ§CVE-2025-47813ããåäžè£œåã®ä»ã®è匱æ§ãšçµã¿åãããŠæªçšãããå¯èœæ§ãææããŠããŸããç¹ã«ãWing FTP Serverã«ã¯CVE-2025-47812ïŒCVSS 10.0ïŒãšããŠè¿œè·¡ãããŠãããªã¢ãŒãã³ãŒãå®è¡è匱æ§ãååšãããã®è匱æ§ã¯ãã§ã«å®éã®æ»æã§æªçšãããäºäŸãå ±åãããŠããŸãã
åœæãæ»æè ã¯æ¬¡ã®ãããªæŽ»åãè¡ã£ããšãããŠããŸãã
- æªæã®ããLuaã¹ã¯ãªããã®ããŠã³ããŒãããã³å®è¡
- ã·ã¹ãã ç°å¢æ å ±ã®åé
- ãªã¢ãŒã管çããã³ã¢ãã¿ãªã³ã°ãœãããŠã§ã¢ã®ã€ã³ã¹ããŒã«
- è¿œå æ»æã®ããã®å éšåµå¯
ãã®ãããªæ»æãããŒã«ãããŠãCVE-2025-47813ã«ãã£ãŠååŸããããµãŒããŒãã¹æ å ±ããRCEè匱æ§ã®æªçšéçšã§å©çšãããå¯èœæ§ãææãããŠããŸããããªãã¡ãæ»æè ã¯ã€ã³ã¿ãŒãããäžã§Wing FTP Serverãæ¢çŽ¢ããCVE-2025-47813ãå©çšããŠãµãŒããŒãã¹æ å ±ãååŸãããã®åŸCVE-2025-47812ãæªçšããŠãã«ãŠã§ã¢ãå®è¡ããã·ã¹ãã ãææ¡ãããšããæ»æãã§ãŒã³ãæ§æããããšãå¯èœã§ãã
ãã®ãããªæ»æãããŒã¯ãåäžã®è匱æ§ã§ã¯ãªããè€æ°ã®è匱æ§ãçµã¿åãããããšã§æ»æã®åœ±é¿ç¯å²ãæ¡å€§ããå žåçãªäºäŸãšãããŸãã
Wing FTP å ¬éè³ç£ã®ææ¡ããã³åæ
è匱æ§ãã®ãã®ãšåæ§ã«éèŠãªèŠçŽ ã¯ãã€ã³ã¿ãŒãããããã¢ã¯ã»ã¹å¯èœãªè匱ãµãŒãã¹ã®èŠæš¡ã§ãããã¡ã€ã«è»¢éãµãŒããŒã¯éçšã®å©äŸ¿æ§ã®ããå€éšããã¢ã¯ã»ã¹å¯èœã«æ§æãããããšãå€ãããã®ãããªç°å¢ã§ã¯è匱æ§å ¬éåŸã«èªååãããã¹ãã£ã³ãæ»æè©Šè¡ãæ¥éã«å¢å ããå¯èœæ§ããããŸããããã確èªãããããCriminal IPã®ITè³ç£æ€çŽ¢ã§Wing FTPãµãŒãã¹ãå¯Ÿè±¡ã«æ€çŽ¢ã宿œããŸããã

Criminal IP æ€çŽ¢ã¯ãšãª: product: Wing FTP
ãã®æ€çŽ¢ã«ãããã€ã³ã¿ãŒãããäžã«é²åºããŠããWing FTPãµãŒããŒã®ã€ã³ã¹ã¿ã³ã¹ãèå¥ã§ããŸãããã®ã¯ãšãªã¯ãµãŒãã¹ãããŒãè奿 å ±ãåºã«ãWing FTPãµãŒããŒãšæšå®ãããè³ç£ãæ€ç¥ããŸãã
Criminal IP ITè³ç£æ€çŽ¢ã®çµæåæã§ã¯ã倿°ã®Wing FTPãµãŒãã¹ãå€éšããèå¥å¯èœãªç°å¢ã確èªãããŸããããããã®ãµãŒãã¹ã¯äžè¬çã«FTPãSFTPããŸãã¯WebããŒã¹ã®ãã¡ã€ã«è»¢éã€ã³ã¿ãŒãã§ãŒã¹ãšããŠéçšãããŠãããäžéšã®ç°å¢ã§ã¯ç®¡çã€ã³ã¿ãŒãã§ãŒã¹ãçŽæ¥å ¬éãããç¶æ ã§éçšãããŠããã±ãŒã¹ã芳枬ãããŠããŸãã
ã¢ã¯ã»ã¹å¯èœãªWing FTPãµãŒãã¹ã®è¿œå åæ
å®éã«Webã€ã³ã¿ãŒãã§ãŒã¹ãå€éšããæ£åžžãªå¿çãè¿ãWing FTPãµãŒãã¹ãèå¥ãããããããå ·äœçãªæ€çŽ¢æ¡ä»¶ãé©çšããŸããã

Criminal IP æ€çŽ¢ã¯ãšãª: product: Wing FTP AND status_code: 200
ãã®ã¯ãšãªã¯ãHTTPãªã¯ãšã¹ãã«å¯ŸããŠæ£åžžå¿çãè¿ãWing FTPãµãŒãã¹ããã£ã«ã¿ãªã³ã°ããå®éã«ã¢ã¯ã»ã¹å¯èœãªWebã€ã³ã¿ãŒãã§ãŒã¹ç°å¢ãèå¥ããããã«äœ¿çšãããŸãã
åã«è£œååãèå¥ãããã¬ãã«ãè¶ ããŠãstatus_code: 200ãã£ã«ã¿ã¯å€éšãªã¯ãšã¹ãã«å¯ŸããŠå®éã«WebããŒãžãæ£åžžã«è¿ããããµãŒãã¹ã«çµã蟌ãç¹ã«æå³ããããŸããã€ãŸãããµãŒãã¹è奿 å ±ã®ã¿ãæ®ã£ãŠããéã¢ã¯ãã£ãè³ç£ãå¶éãããå¿çç°å¢ã§ã¯ãªããæ»æè ããã©ãŠã¶ãèªååã¹ãã£ã³ããŒã«ãéããŠå³åº§ã«ã¢ã¯ã»ã¹å¯èœãªã€ã³ã¿ãŒãã§ãŒã¹ãåªå çã«ç¢ºèªããããã»ã¹ã«è¿ããã®ã§ãããã®ãããªç°å¢ã§ã¯ãæ»æè ã¯ãã°ã€ã³ããŒãžãã¬ã¹ãã³ã¹ããããŒãéçãªãœãŒã¹ããšã©ãŒåŠçã®æåãªã©ãåºã«ããµãŒãã¹æ§æãããå ·äœçã«ææ¡ããããšãã§ããŸããäŸãã°ãWebã€ã³ã¿ãŒãã§ãŒã¹ãçŽæ¥å ¬éãããŠããå Žåã補åã®èå¥ã«å ããŠã管çããŒãžã®æç¡ãèªèšŒãããŒãå ¬éãããŠãããªãœãŒã¹ãã¹ãå Žåã«ãã£ãŠã¯ããŒãžã§ã³æšå®ã«å©çšå¯èœãªæããããŸã§ååŸã§ããå¯èœæ§ããããŸãã
æ»æè ã¯æ¬¡ã®ãããªæ¹æ³ã§è匱ããŒãžã§ã³ã®æç¡ãæšå®ããå¯èœæ§ããããŸãã
- ãã°ã€ã³ããŒãžããã³éçãªãœãŒã¹ã®åæ
- ãµãŒããŒã¬ã¹ãã³ã¹ããããŒã®ç¢ºèª
- ãããŒæ å ±ã«åºã¥ãããŒãžã§ã³æšå®
å€éšããã¢ã¯ã»ã¹å¯èœãªç®¡çã€ã³ã¿ãŒãã§ãŒã¹ãååšããå Žåãè匱æ§ãæªçšãããéã®æ»æåœ±é¿ç¯å²ã¯å€§ããæ¡å€§ããå¯èœæ§ããããŸãã
察å¿ããã³æšå¥šäºé
å€ãã®çµç¹ã§ã¯ããã¡ã€ã«è»¢éãµãŒããŒãå éšã·ã¹ãã ãšå€éšããŒãããŒéã®ããŒã¿äº€æã®ããã«éçšããŠãããéçšã®å©äŸ¿æ§ãçç±ã«å€éšã¢ã¯ã»ã¹ãèš±å¯ããŠããã±ãŒã¹ãå€ãèŠãããŸãããã®éçšã§ããã¹ãç°å¢ãäžæçãªãµãŒããŒã®å€éšå ¬éãæªãããã®å€ãã€ã³ã¹ã¿ã³ã¹ã管çã€ã³ã¿ãŒãã§ãŒã¹ã®çŽæ¥å ¬éãšãã£ãåé¡ãçºçããå¯èœæ§ãããããããã®ç°å¢ã¯æ»æè ã«ããèªååã¹ãã£ã³ã«ãã£ãŠå®¹æã«èå¥ãããæ»æå¯Ÿè±¡é åã«ã€ãªãããŸããç¹ã«CVE-2025-47813ã®ããã«åäœã§ã¯åœ±é¿ãéå®çãªè匱æ§ã§ãã£ãŠããRCEè匱æ§ãšçµã¿åãããããšã§æ»æãã§ãŒã³ã®äžéšãšããŠæªçšãããå¯èœæ§ããããããåãªããããé©çšã«ãšã©ãŸãããå€éšå ¬éè³ç£ã®ææ¡ãšã¢ã¯ã»ã¹å¶åŸ¡ãå«ããæ»æå¯Ÿè±¡é åããŒã¹ã®å¯Ÿå¿ãå¿ èŠã§ãã
æšå¥šãããå¯Ÿå¿æ¹æ³:
- 峿ã®ã»ãã¥ãªãã£ã¢ããããŒãã®é©çšïŒWing FTP ServerãããŒãžã§ã³7.4.4以äžã«æŽæ°
- å€éšã¢ã¯ã»ã¹ã®å¶éïŒç®¡çã€ã³ã¿ãŒãã§ãŒã¹ããã³Webãã°ã€ã³ããŒãžãžã®å€éšã¢ã¯ã»ã¹ãæå°å
- å ¬éè³ç£ã®ç¹æ€ïŒCriminal IPã®ITè³ç£æ€çŽ¢ãªã©ã掻çšããã€ã³ã¿ãŒãããäžã§èå¥å¯èœãªWing FTPãµãŒãã¹ã確èª
- ãã°ããŒã¹ã®ç°åžžè¡åã®ç¢ºèªïŒç°åžžãªUIDã¯ãããŒãªã¯ãšã¹ãããšã©ãŒã¡ãã»ãŒãžçºçãã°ã®ç¢ºèª
åäžã®å¯Ÿçã§ã¯ãªããå€å±€é²åŸ¡ã®æŠç¥ã掻çšããäŸµå ¥åã®æ®µéããæ¬è匱æ§ã«åããããšããäŒæ¥ããã³çµç¹ã«æ±ããããŸãã
FAQ
Q1. CVE-2025-47813ã¯åçŽãªæ å ±æŒããè匱æ§ã§ããããªãå±éºãªã®ã§ããããã
CVE-2025-47813èªäœã¯ããµãŒããŒã®ããŒã«ã«ã€ã³ã¹ããŒã«ãã¹ãé²åºãããæ å ±æŒããè匱æ§ã§ãããåäœã§ã¯çŽæ¥çãªã·ã¹ãã ææ¡ãåŒãèµ·ãããã®ã§ã¯ãããŸãããããããæ»æè ã¯ãã®æ å ±ãéããŠãã¡ã€ã«ã·ã¹ãã æ§é ãã€ã³ã¹ããŒã«äœçœ®ãå®è¡ãã¹ãªã©ãææ¡ã§ããããã¯è¿œå ã®èåŒ±æ§æªçšã«åããåµå¯æ®µéãšããŠå©çšãããå¯èœæ§ããããŸããç¹ã«åäžè£œåã«ååšããRCEè匱æ§ïŒCVE-2025-47812ïŒãšçµã¿åãããå Žåãæ»ææåçãé«ããè£å©çãªææ®µãšããŠæ©èœããå®è³ªçãªã»ãã¥ãªãã£ãªã¹ã¯ã«ã€ãªããå¯èœæ§ããããŸãã
Q2. ãããé©çšã ãã§ååãªå¯ŸçãšãããŸããã
ãããé©çšã¯å¿ é ã®å¯Ÿçã§ãããããã ãã§ååãšã¯ãããŸãããWing FTP Serverã¯å€éšãšã®ãã¡ã€ã«è»¢éããã³ç®¡çæ©èœãæäŸããç¹æ§äžãã€ã³ã¿ãŒãããã«å ¬éãããç¶æ ã§éçšãããã±ãŒã¹ãå€ãèŠãããŸãããã®å Žåããããé©çšåã«ãã§ã«æ»æè ãã¢ã¯ã»ã¹ããŠããå¯èœæ§ããçµç¹ãææ¡ããŠããªããã¹ãç°å¢ãæŸçœ®ãããã€ã³ã¹ã¿ã³ã¹ãæ®ã£ãŠããå¯èœæ§ããããŸãããã®ãããããã察å¿ã«å ããŠãå€éšå ¬éè³ç£ãç¶ç¶çã«èå¥ã»ç¹æ€ããæ»æå¯Ÿè±¡é å管çïŒASMïŒã«åºã¥ã察çã䞊è¡ããŠå®æœããå¿ èŠããããŸãã
çµè«
Wing FTP Serverã®è匱æ§CVE-2025-47813ã¯ãäžèŠãããšåãªãæ å ±æŒããè匱æ§ã«èŠããŸãããå®éã®æ»æç°å¢ã§ã¯RCEè匱æ§ãšçµã¿åãããæ»æãã§ãŒã³ã®äžéšãšããŠå©çšãããå¯èœæ§ããããŸããç¹ã«ã€ã³ã¿ãŒãããã«å ¬éããããã¡ã€ã«è»¢éãµãŒããŒã¯ãæ»æè ã«ãšã£ãŠå®¹æã«èå¥å¯èœãªæšçãšãªããè匱ãªããŒãžã§ã³ã皌åããŠããå Žåã«ã¯æ»ææåã®å¯èœæ§ã倧ããé«ãŸããŸããCISAãåœè©²è匱æ§ãKEVã«ã¿ãã°ã«è¿œå ããããšã¯ããã®ãªã¹ã¯ãçè«çãªå¯èœæ§ã«ãšã©ãŸãããå®éã®æ»æç°å¢ã§æªçšãããŠããããšã瀺ããŠããŸãã
ãããã£ãŠãçµç¹ã¯åãªããããé©çšã«ãšã©ãŸãããã€ã³ã¿ãŒãããããã¢ã¯ã»ã¹å¯èœãªãµãŒãã¹ãç¶ç¶çã«ææ¡ã»ç®¡çããæ»æå¯Ÿè±¡é å管çïŒASMïŒã«åºã¥ãã»ãã¥ãªãã£æŠç¥ãããããŠæ€èšããå¿ èŠããããŸãã
ãªããé¢é£ããŠãå ¬éããã Google Cloud API Key ãš AI API ç°å¢ã§æ¡å€§ããæ»æå¯Ÿè±¡é åã®èšäºãåèã«ããããšãã§ããŸãã
Criminal IPïŒcriminalip.io/ja/register) ã«ç»é²ãããšãããã«è匱è³ç£ã®æ€ç¥ãéå§ã§ããŸããããã«ãäžèšãã¿ã³ãããã¢ããäŸé Œããã ãããšã§ããšã³ã¿ãŒãã©ã€ãºç°å¢ã«ãããŠå€éšã«é²åºããè³ç£ã察象ãšããCriminal IP ã®è åšã€ã³ããªãžã§ã³ã¹ïŒTIïŒåæãçŽæ¥ã確èªããã ããŸãã
æ¬ã¬ããŒãã¯ããµã€ããŒè
åšã€ã³ããªãžã§ã³ã¹æ€çŽ¢ãšã³ãžã³Â Criminal IP ã®ããŒã¿ãåºã«äœæãããŠããŸãã
ä»ããCriminal IP ã®ç¡æã¢ã«ãŠã³ããäœæããã°ãæ¬ã¬ããŒãã§åŒçšãããæ€çŽ¢çµæãçŽæ¥ç¢ºèªããããããã«èšå€§ãªè
åšã€ã³ããªãžã§ã³ã¹ãèªç±ã«æ€çŽ¢ããããšãã§ããŸãã
ããŒã¿ãœãŒã¹: Criminal IP(https://www.criminalip.io/ja), Bleeping Computer (https://www.bleepingcomputer.com/news/security/cisa-flags-wing-ftp-server-flaw-as-actively-exploited-in-attacks/), The Hacker News (https://thehackernews.com/2026/03/cisa-flags-actively-exploited-wing-ftp.html), Security Affairs (https://securityaffairs.com/189530/security/u-s-cisa-adds-a-flaw-in-wing-ftp-server-to-its-known-exploited-vulnerabilities-catalog.html)
é¢é£èšäº: https://www.criminalip.io/ja/knowledge-hub/blog/8251

