Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
serv-u vulnerabilities and exploits
(subscribe to this query)
666
VMScore
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.
Solarwinds Serv-u Mft Server
Solarwinds Serv-u Ftp Server
3 EDB exploits
2 Github repositories
445
VMScore
CVE-2002-2393
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote malicious users to cause a denial of service (no new connections) via a series of MKD commands.
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 4.0.0.4
668
VMScore
CVE-2001-1463
The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote malicious users to sniff passwords.
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.0.0.17
312
VMScore
CVE-2020-22428
SolarWinds Serv-U prior to 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.
Solarwinds Serv-u Ftp Server 15.1
Solarwinds Serv-u Mft Server 15.1
605
VMScore
CVE-2019-12769
SolarWinds Serv-U Managed File Transfer (MFT) Web client prior to 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters.
Solarwinds Serv-u Managed File Transfer
Solarwinds Serv-u Managed File Transfer 15.1.6
356
VMScore
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
312
VMScore
CVE-2020-28001
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Stored XSS.
Solarwinds Serv-u
NA
CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data.
Solarwinds Serv-u
445
VMScore
CVE-2021-3154
An issue exists in SolarWinds Serv-U prior to 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.
Solarwinds Serv-u
445
VMScore
CVE-2020-15574
SolarWinds Serv-U File Server prior to 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.
Solarwinds Serv-u
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »