Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-35212
An SQL injection Privilege Escalation Vulnerability exists in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
Solarwinds Orion Platform 2019.2
Solarwinds Orion Platform 2019.4
Solarwinds Orion Platform 2020.2.1
Solarwinds Orion Platform 2020.2.4
Solarwinds Orion Platform 2020.2.5
9
CVSSv2
CVE-2021-35213
An Improper Access Control Privilege Escalation Vulnerability exists in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
Solarwinds Orion Platform
9
CVSSv2
CVE-2021-31475
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The is...
Solarwinds Orion Job Scheduler 2020.2.1
9
CVSSv2
CVE-2020-27869
This vulnerability allows remote malicious users to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The...
Solarwinds Network Performance Monitor 2020
Solarwinds Network Performance Monitor 2020.2
9
CVSSv2
CVE-2020-27871
This vulnerability allows remote malicious users to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw ...
Solarwinds Orion Platform 2020.2.1
9
CVSSv2
CVE-2020-25617
An issue exists in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows Relative Path Traversal by an authenticated user of the N-Central Administration Console (NAC), leading to execution of OS commands as root.
Solarwinds N-central 12.3.0.670
9
CVSSv2
CVE-2020-25618
An issue exists in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the ...
Solarwinds N-central 12.3.0.670
9
CVSSv2
CVE-2020-14005
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote malicious users to execute arbitrary code via a defined event.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
9
CVSSv2
CVE-2018-15906
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
Solarwinds Serv-u Ftp Server 15.1.6
9
CVSSv2
CVE-2011-4800
Directory traversal vulnerability in Serv-U FTP Server prior to 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get comma...
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.2.0.1
Solarwinds Serv-u File Server 6.4.0.3
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 8.0.0.2
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 10.5.0.6
Solarwinds Serv-u File Server 10.4.0.0
Solarwinds Serv-u File Server 10.1.0.0
Solarwinds Serv-u File Server 10.0.0.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »