Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
serv-u file server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-35211
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File ...
Solarwinds Serv-u
Solarwinds Serv-u 15.2.3
2 Github repositories
3 Articles
8.8
CVSSv3
CVE-2021-35223
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.
Solarwinds Serv-u
7.5
CVSSv3
CVE-2020-15576
SolarWinds Serv-U File Server prior to 15.2.1 allows information disclosure via an HTTP response.
Solarwinds Serv-u
7.5
CVSSv3
CVE-2020-15574
SolarWinds Serv-U File Server prior to 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.
Solarwinds Serv-u
7.2
CVSSv3
CVE-2018-15906
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
Solarwinds Serv-u Ftp Server 15.1.6
6.5
CVSSv3
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
6.1
CVSSv3
CVE-2020-15573
SolarWinds Serv-U File Server prior to 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421.
Solarwinds Serv-u
6.1
CVSSv3
CVE-2020-15575
SolarWinds Serv-U File Server prior to 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194.
Solarwinds Serv-u
NA
CVE-2011-4800
Directory traversal vulnerability in Serv-U FTP Server prior to 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get comma...
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.2.0.1
Solarwinds Serv-u File Server 6.4.0.3
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 8.0.0.2
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 10.5.0.6
Solarwinds Serv-u File Server 10.4.0.0
Solarwinds Serv-u File Server 10.1.0.0
Solarwinds Serv-u File Server 10.0.0.5
1 EDB exploit
NA
CVE-2009-4815
Directory traversal vulnerability in Serv-U prior to 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.0
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »