Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds serv-u file server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-35211
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File ...
Solarwinds Serv-u
Solarwinds Serv-u 15.2.3
2 Github repositories
3 Articles
8.8
CVSSv3
CVE-2021-35223
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.
Solarwinds Serv-u
7.5
CVSSv3
CVE-2020-15574
SolarWinds Serv-U File Server prior to 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.
Solarwinds Serv-u
7.5
CVSSv3
CVE-2020-15576
SolarWinds Serv-U File Server prior to 15.2.1 allows information disclosure via an HTTP response.
Solarwinds Serv-u
7.2
CVSSv3
CVE-2018-15906
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
Solarwinds Serv-u Ftp Server 15.1.6
6.5
CVSSv3
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
6.1
CVSSv3
CVE-2021-25179
SolarWinds Serv-U prior to 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header.
Solarwinds Serv-u File Server
6.1
CVSSv3
CVE-2020-15575
SolarWinds Serv-U File Server prior to 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194.
Solarwinds Serv-u
6.1
CVSSv3
CVE-2020-15573
SolarWinds Serv-U File Server prior to 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421.
Solarwinds Serv-u
5.4
CVSSv3
CVE-2020-28001
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Stored XSS.
Solarwinds Serv-u
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »