Skip to main content

Serv U Ftp Server

7 CVEs product

Monthly

CVE-2020-15543 CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-15542 CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-15541 CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
CVSS 3.1
9.8
EPSS
7.0%
CVE-2019-19829 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Serv U Ftp Server
NVD
CVSS 3.1
5.4
EPSS
2.3%
CVE-2019-13182 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Serv U Ftp Server
NVD
CVSS 3.1
5.4
EPSS
6.4%
CVE-2019-13181 MEDIUM This Month

A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Serv U Ftp Server
NVD
CVSS 3.1
6.5
EPSS
3.2%
CVE-2019-12181 HIGH POC THREAT Act Now

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Command Injection Serv U Ftp Server Serv U Mft Server
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
66.0%
EPSS 2% CVSS 9.8
CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
EPSS 7% CVSS 9.8
CRITICAL Act Now

SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Serv U Ftp Server
NVD
EPSS 2% CVSS 5.4
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Serv U Ftp Server
NVD
EPSS 6% CVSS 5.4
MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Serv U Ftp Server
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Serv U Ftp Server
NVD
EPSS 66% CVSS 8.8
HIGH POC THREAT Act Now

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Command Injection Serv U Ftp Server +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy