Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2012-2576
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager prior to 5.1.2, SolarWinds Storage Profiler prior to 5.1.2, and SolarWinds Backup Profiler prior to 5.1.2 allows remote malicious users to execute arbitrary SQL commands via the loginName field.
Solarwinds Storage Profiler
Solarwinds Backup Profiler
Solarwinds Storage Manager
1 EDB exploit
1000
VMScore
CVE-2017-7722
In SolarWinds Log & Event Manager (LEM) prior to 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the me...
Solarwinds Log \\& Event Manager 6.3.1
1000
VMScore
CVE-2016-2345
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote malicious users to execute arbitrary code via a crafted string.
Dameware Mini Remote Control 12.0
1 EDB exploit
1000
VMScore
CVE-2015-5371
The AuthenticationFilter class in SolarWinds Storage Manager allows remote malicious users to upload and execute arbitrary scripts via unspecified vectors.
Solarwinds Storage Manager -
1000
VMScore
CVE-2015-2284
userlogin.jsp in SolarWinds Firewall Security Manager (FSM) prior to 6.6.5 HotFix1 allows remote malicious users to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.
Solarwinds Firewall Security Manager
1 EDB exploit
1000
VMScore
CVE-2009-4006
Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions prior to 9.1.0.0 allows remote malicious users to execute arbitrary code via a long hexadecimal string.
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.4.0.1
Solarwinds Serv-u File Server 8.2.0.3
Solarwinds Serv-u File Server 8.0.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 9.0.0.1
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 8.2.0.1
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.4.0.0
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.2.0.0
1 EDB exploit
1000
VMScore
CVE-2004-2532
Serv-U FTP server prior to 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then u...
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 3.1.0.3
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.9
Solarwinds Serv-u File Server 3.0.0.17
1 EDB exploit
1000
VMScore
CVE-2004-0330
Buffer overflow in Serv-U ftp prior to 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.3
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
6 EDB exploits
905
VMScore
CVE-2011-4800
Directory traversal vulnerability in Serv-U FTP Server prior to 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get comma...
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.2.0.1
Solarwinds Serv-u File Server 6.4.0.3
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 8.0.0.2
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 10.5.0.6
Solarwinds Serv-u File Server 10.4.0.0
Solarwinds Serv-u File Server 10.1.0.0
Solarwinds Serv-u File Server 10.0.0.5
1 EDB exploit
905
VMScore
CVE-2008-4501
Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 up to and including 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 7.2.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »