Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds serv-u vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2533
Serv-U FTP Server 4.1 (possibly 4.0) allows remote malicious users to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111.
Solarwinds Serv-u File Server 4.1.0.0
5.4
CVSSv3
CVE-2019-19829
A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182.
Solarwinds Serv-u Ftp Server 15.1.7
7.2
CVSSv3
CVE-2018-15906
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
Solarwinds Serv-u Ftp Server 15.1.6
6.5
CVSSv3
CVE-2019-13181
A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7.
Solarwinds Serv-u Ftp Server 15.1.7
5.4
CVSSv3
CVE-2019-13182
A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7.
Solarwinds Serv-u Ftp Server 15.1.7
7.8
CVSSv3
CVE-2018-19999
The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit th...
Solarwinds Serv-u Ftp Server 15.1.6.25
NA
CVE-2001-0054
Directory traversal vulnerability in FTP Serv-U prior to 2.5i allows remote malicious users to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.
Solarwinds Serv-u File Server 3.0.0.16
1 EDB exploit
8.8
CVSSv3
CVE-2017-6803
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) FTP Voyager 16.2.0 allow remote malicious users to hijack the authentication of users for requests that (1) change the admin password, (2) terminate th...
Solarwinds Ftp Voyager 16.2.0
1 EDB exploit
6.1
CVSSv3
CVE-2021-25179
SolarWinds Serv-U prior to 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header.
8.6
CVSSv3
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »