Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds serv-u vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.
Solarwinds Serv-u Mft Server
Solarwinds Serv-u Ftp Server
3 EDB exploits
2 Github repositories
5
CVSSv2
CVE-2021-35250
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
Solarwinds Serv-u 15.3
1 Github repository
5
CVSSv2
CVE-2021-35247
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignor...
Solarwinds Serv-u
5
CVSSv2
CVE-2021-3154
An issue exists in SolarWinds Serv-U prior to 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.
Solarwinds Serv-u
5
CVSSv2
CVE-2020-15574
SolarWinds Serv-U File Server prior to 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.
Solarwinds Serv-u
5
CVSSv2
CVE-2020-15576
SolarWinds Serv-U File Server prior to 15.2.1 allows information disclosure via an HTTP response.
Solarwinds Serv-u
5
CVSSv2
CVE-2018-10240
SolarWinds Serv-U MFT prior to 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an malicious user to obtai...
Solarwinds Serv-u
5
CVSSv2
CVE-2009-3655
Rhino Software Serv-U 7.0.0.1 up to and including 8.2.0.3 allows remote malicious users to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command.
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.4.0.0
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 8.2.0.3
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 8.0.0.2
Solarwinds Serv-u File Server 8.0.0.4
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 7.4.0.1
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 8.2.0.1
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 8.0.0.5
5
CVSSv2
CVE-2005-3467
Serv-U FTP Server prior to 6.1.0.4 allows malicious users to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of th...
Solarwinds Serv-u File Server 6.0.0.0
Solarwinds Serv-u File Server 5.0.0.11
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 5.0.0.9
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.2.0.0
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
Solarwinds Serv-u File Server 3.1.0.3
5
CVSSv2
CVE-2004-2533
Serv-U FTP Server 4.1 (possibly 4.0) allows remote malicious users to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111.
Solarwinds Serv-u File Server 4.1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »