4 matches found
EUVD-2018-8591
Malware in sbrugna...
SolarWinds SFTP XXE Vulnerability
SolarWinds SFTP is an FTP service program. SolarWinds SFTP is vulnerable to XXE. Allows an attacker to filter a global readable and writable profile of data to XXE...
SolarWinds SFTP Insecure Password Storage Vulnerability
SolarWinds SFTP is an FTP service program. An insecure password storage vulnerability exists in SolarWinds SFTP. The vulnerability is due to the configuration file being globally readable and writable and storing user passwords in an insecure manner, allowing an attacker to determine passwords fo...
CVE-2018-16791
In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the serve...