3 matches found
SolarWinds Orion Arbitrary File Write (CVE-2020-27871)
An arbitrary file write vulnerability exists in SolarWinds Network Configuration Manager. The vulnerability is due to insufficient validation of file types for vulnerability announcement data files in VulnerabilitySettings.aspx, combined with a lack of restriction on destination paths. A remote,...
CVE-2020-27871
CVE-2020-27871 affects SolarWinds Orion Platform 2020.2.1, describing an Arbitrary File Write via VulnerabilitySettings.aspx caused by insufficient validation of a user-supplied path in file operations. The vulnerability allows remote attackers to create arbitrary files and, per sources, could en...
Vulnerabilities fixed in SolarWinds Network Performance Monitor
Vulnerabilities have been fixed in SolarWinds Network Performance Monitor. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased user privileges To...