Shodan
Vulnerabilities
Vulnerable Software
Solarwinds:  >> Serv-U  Security Vulnerabilities
CVE-2021-25276
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. An unprivileged Windows user (having access to the server's filesystem) can add an FTP user by copying a valid profile file to this directory. For example, if this profile sets up a user with a C:\ home directory, then the attacker obtains access to read or replace arbitrary files with LocalSystem privileges.
CVSS Score
7.1
EPSS Score
0.002
Published
2021-02-03
CVE-2020-35481
SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.
CVSS Score
9.8
EPSS Score
0.045
Published
2021-02-03
CVE-2020-35482
SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS.
CVSS Score
5.4
EPSS Score
0.043
Published
2021-02-03
CVE-2020-27994
SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal.
CVSS Score
6.5
EPSS Score
0.019
Published
2021-02-03
CVE-2020-28001
SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS.
CVSS Score
5.4
EPSS Score
0.016
Published
2021-02-03
CVE-2020-15573
SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421.
CVSS Score
6.1
EPSS Score
0.033
Published
2020-07-07
CVE-2020-15574
SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.
CVSS Score
7.5
EPSS Score
0.029
Published
2020-07-07
CVE-2020-15575
SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194.
CVSS Score
6.1
EPSS Score
0.033
Published
2020-07-07
CVE-2020-15576
SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response.
CVSS Score
7.5
EPSS Score
0.029
Published
2020-07-07
CVE-2018-10240
SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user's session.
CVSS Score
7.3
EPSS Score
0.014
Published
2018-05-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved