RSS   Vulnerabilities for 'Serv-u ftp server'   RSS



The local management interface in SolarWinds Serv-U FTP Server has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit this vulnerability, an attacker must have local access the the host running Serv-U, and a Serv-U administrator have an active management console session.



SolarWinds Serv-U FTP Server has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter.



SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.


 >>> Vendor: Solarwinds 28 Products
Tftp server
Orion network performance monitor
Ip address manager web interface
Network configuration manager
Log and event manager
Server and application monitor
Orion ip address manager
Orion netflow traffic analyzer
Orion network configuration manager
Orion server and application manager
Orion user device tracker
Orion voip & network quality manager
Orion web performance monitor
Firewall security manager
Storage manager
N-able n-central
Storage resource monitor
Virtualization manager
Ftp voyager
Log & event manager
Network performance monitor
Sftp/scp server
Orion platform
Serv-u ftp server
Damewire mini remote control
Database performance analyzer
Dameware mini remote control firmware

Copyright 2019,


Back to Top