Serv-U FTP server prior to 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds serv-u file server 4.0.0.4 |
||
solarwinds serv-u file server 3.1.0.0 |
||
solarwinds serv-u file server 3.1.0.1 |
||
solarwinds serv-u file server 5.0.0.0 |
||
solarwinds serv-u file server |
||
solarwinds serv-u file server 3.1.0.3 |
||
solarwinds serv-u file server 3.0.0.16 |
||
solarwinds serv-u file server 4.1.0.0 |
||
solarwinds serv-u file server 4.1.0.3 |
||
solarwinds serv-u file server 5.0.0.4 |
||
solarwinds serv-u file server 5.0.0.9 |
||
solarwinds serv-u file server 3.0.0.17 |