Published: 03/02/2021 Updated: 18/02/2021

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.

Vulnerable Product	Search on Vulmon	Subscribe to Product
solarwinds serv-u

SolarWinds Serv-U File Server versions through 1521 do not correctly validate path information, allowing the disclosure of files and directories outside of the user's home directory via a specially crafted GET request ...

SolarWinds-CVE-2021-35250 Serv-U [v1530X] CVE-2021-35250-Directory-Traversal Hello everyone This is my first POC, don't judge strictly Disclaimer The author of this repository is not responsible for any damage caused by the use or misuse of these PoC exploits These PoCs are intended for educational and research purposes only, and should never be used to target or ex

CWE-22 https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm https://www.themissinglink.com.au/security-advisories-cve-2020-27994 http://seclists.org/fulldisclosure/2021/Feb/36 http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html https://nvd.nist.gov https://github.com/rissor41/SolarWinds-CVE-2021-35250 https://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-27994

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect