SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an malicious user to exfiltrate data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds sftp\\/scp server |