CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.5%

CVSS Severity

CVSS v3 Score 8.5

CVSS v2 Score 6.5

References

Products affected by CVE-2021-35223

Solarwinds » Serv-U » Version: 15.1

cpe:2.3:a:solarwinds:serv-u:15.1
Solarwinds » Serv-U » Version: 15.1.1

cpe:2.3:a:solarwinds:serv-u:15.1.1
Solarwinds » Serv-U » Version: 15.1.2

cpe:2.3:a:solarwinds:serv-u:15.1.2
Solarwinds » Serv-U » Version: 15.1.3

cpe:2.3:a:solarwinds:serv-u:15.1.3
Solarwinds » Serv-U » Version: 15.1.4

cpe:2.3:a:solarwinds:serv-u:15.1.4
Solarwinds » Serv-U » Version: 15.1.5

cpe:2.3:a:solarwinds:serv-u:15.1.5
Solarwinds » Serv-U » Version: 15.1.6

cpe:2.3:a:solarwinds:serv-u:15.1.6
Solarwinds » Serv-U » Version: 15.1.7

cpe:2.3:a:solarwinds:serv-u:15.1.7
Solarwinds » Serv-U » Version: 15.2.1

cpe:2.3:a:solarwinds:serv-u:15.2.1
Solarwinds » Serv-U » Version: 15.2.2

cpe:2.3:a:solarwinds:serv-u:15.2.2
Solarwinds » Serv-U » Version: 15.2.3

cpe:2.3:a:solarwinds:serv-u:15.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35223

Products

Pricing

Contact Us