Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds serv-u vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-10241
A denial of service vulnerability in SolarWinds Serv-U prior to 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring.
Solarwinds Serv-u
4
CVSSv2
CVE-2009-4815
Directory traversal vulnerability in Serv-U prior to 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.0
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.0.0.1
4
CVSSv2
CVE-2009-0967
The FTP server in Serv-U 7.0.0.1 up to and including 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.4.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.4.0.0
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 7.2.0.1
1 EDB exploit
4
CVSSv2
CVE-2008-4500
Serv-U 7.0.0.1 up to and including 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.3.0.2
1 EDB exploit
4
CVSSv2
CVE-2008-3731
Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions prior to 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging.
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.0
3.6
CVSSv2
CVE-2021-25276
In SolarWinds Serv-U prior to 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. An unprivileged Windows user (having access to the server's filesystem) can add an FTP user by co...
Solarwinds Serv-u
Solarwinds Serv-u 15.2.2
3.5
CVSSv2
CVE-2021-32604
Share/IncomingWizard.htm in SolarWinds Serv-U prior to 15.2.3 mishandles the user-supplied SenderEmail parameter, aka "Share URL XSS."
Solarwinds Serv-u
3.5
CVSSv2
CVE-2020-22428
SolarWinds Serv-U prior to 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.
Solarwinds Serv-u Ftp Server 15.1
Solarwinds Serv-u Mft Server 15.1
3.5
CVSSv2
CVE-2020-35482
SolarWinds Serv-U prior to 15.2.2 allows authenticated reflected XSS.
Solarwinds Serv-u
3.5
CVSSv2
CVE-2020-28001
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Stored XSS.
Solarwinds Serv-u
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »