Lucene search
K

921 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/24 7:41 a.m.5 views

CVE-2025-40540

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/02/24 7:40 a.m.4 views

EUVD-2025-207545

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/24 7:40 a.m.5 views

CVE-2025-40539

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/24 7:40 a.m.21 views

CVE-2025-40539

CVE-2025-40539 describes a type confusion vulnerability in SolarWinds Serv-U. The issue allows an attacker to execute arbitrary native code with privileged account privileges, requiring administrative privileges to exploit. The risk can be high in practice, and on Windows deployments the impact i...

9.1CVSS6AI score0.00445EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/24 7:40 a.m.4 views

CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 7:40 a.m.21 views

CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS0.00445EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/24 7:40 a.m.5 views

CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

9.1CVSS6AI score0.00496EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/24 7:40 a.m.4 views

EUVD-2025-207546

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

9.1CVSS6AI score0.00496EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 7:40 a.m.21 views

CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

9.1CVSS0.00496EPSS
Exploits0References2
CVE
CVE
added 2026/02/24 7:40 a.m.25 views

CVE-2025-40538

CVE-2025-40538 affects SolarWinds Serv-U; it describes a broken access control vulnerability that, if abused, enables a malicious actor with domain/admin privileges to create a system administrator account and execute arbitrary code with privileged access. Impact per sources: high/critical across...

9.1CVSS6AI score0.00496EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/24 7:40 a.m.8 views

CVE-2025-40538

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

9.1CVSS6AI score0.00496EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.5 views

PT-2026-21668

Name of the Vulnerable Software and Affected Versions Serv-U affected versions not specified Description A type confusion issue exists in Serv-U, potentially allowing a malicious actor to execute arbitrary native code with elevated privileges. Exploitation of this issue requires administrative...

9.1CVSS6.3AI score0.00445EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.7 views

PT-2026-21671

Name of the Vulnerable Software and Affected Versions Serv-U versions 15.5.3 and earlier Description An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U. Exploitation of this issue allows a malicious actor to execute native code as a privileged account. This requires...

9.1CVSS7.6AI score0.0057EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.6 views

SolarWinds Serv-U 安全漏洞

SolarWinds Serv-U is an FTP File Transfer Protocol server software developed by the American company SolarWinds. SolarWinds Serv-U has a security vulnerability that stems from access control violations, which may lead to the creation of system administrator users and the execution of arbitrary co...

9.1CVSS7.7AI score0.00496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.5 views

SolarWinds Serv-U 15.5.4 Multiple Vulnerabilities

The version of SolarWinds Serv-U installed on the remote host is prior to 15.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the solarwindsserv-u1554 advisory. - An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U, which when exploited, gives a...

9.1CVSS6.5AI score0.0057EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.9 views

PT-2026-21667

Name of the Vulnerable Software and Affected Versions Serv-U versions prior to 15.5.4 Serv-U 15.5 Description A broken access control issue exists in Serv-U, potentially allowing a malicious actor with administrative privileges to create a system administrator user and execute arbitrary code with...

9.1CVSS6.8AI score0.00496EPSS
Exploits0References30
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.8 views

PT-2026-21669

Name of the Vulnerable Software and Affected Versions Serv-U affected versions not specified Description A type confusion issue exists in Serv-U, potentially allowing a malicious actor to execute arbitrary native code with privileged account privileges. Exploitation requires administrative...

9.1CVSS6.5AI score0.00445EPSS
Exploits0References18
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

SolarWinds Serv-U 代码问题漏洞

SolarWinds Serv-U is an FTP File Transfer Protocol server software developed by the American company SolarWinds. SolarWinds Serv-U has a code vulnerability that stems from type confusion, which may lead to the execution of arbitrary local code...

9.1CVSS7.8AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.7 views

SolarWinds Serv-U 代码问题漏洞

SolarWinds Serv-U is an FTP File Transfer Protocol server software developed by the American company SolarWinds. SolarWinds Serv-U has a code vulnerability that stems from insecure direct object references, which may lead to the execution of local code...

9.1CVSS7.7AI score0.0057EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

SolarWinds Serv-U 代码问题漏洞

SolarWinds Serv-U is an FTP File Transfer Protocol server software developed by the American company SolarWinds. SolarWinds Serv-U has a code vulnerability that stems from type confusion, which may lead to the execution of arbitrary local code...

9.1CVSS7.8AI score0.00445EPSS
Exploits0References2
Rows per page
Query Builder