Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds serv-u vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-35481
SolarWinds Serv-U prior to 15.2.2 allows Unauthenticated Macro Injection.
Solarwinds Serv-u
312
VMScore
CVE-2020-35482
SolarWinds Serv-U prior to 15.2.2 allows authenticated reflected XSS.
Solarwinds Serv-u
356
VMScore
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
446
VMScore
CVE-2021-35247
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignor...
Solarwinds Serv-u
356
VMScore
CVE-2021-35249
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a...
Solarwinds Serv-u
605
VMScore
CVE-2021-35242
Serv-U server responds with valid CSRFToken when the request contains only Session.
Solarwinds Serv-u
NA
CVE-2021-35252
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.
Solarwinds Serv-u
312
VMScore
CVE-2021-32604
Share/IncomingWizard.htm in SolarWinds Serv-U prior to 15.2.3 mishandles the user-supplied SenderEmail parameter, aka "Share URL XSS."
Solarwinds Serv-u
356
VMScore
CVE-2018-10241
A denial of service vulnerability in SolarWinds Serv-U prior to 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring.
Solarwinds Serv-u
383
VMScore
CVE-2020-15573
SolarWinds Serv-U File Server prior to 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421.
Solarwinds Serv-u
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »