Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 up to and including 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds serv-u file server 7.1.0.1 |
||
solarwinds serv-u file server 7.1.0.2 |
||
solarwinds serv-u file server 7.0.0.2 |
||
solarwinds serv-u file server 7.0.0.3 |
||
solarwinds serv-u file server 7.3.0.0 |
||
solarwinds serv-u file server 7.3.0.1 |
||
solarwinds serv-u file server 7.3.0.2 |
||
solarwinds serv-u file server 7.0.0.4 |
||
solarwinds serv-u file server 7.1.0.0 |
||
solarwinds serv-u file server 7.0.0.1 |
||
solarwinds serv-u file server 7.2.0.0 |
||
solarwinds serv-u file server 7.2.0.1 |