5 matches found
CVE-2025-40541
The CVE-2025-40541 entry describes an Insecure Direct Object Reference (IDOR) vulnerability in SolarWinds Serv-U. The issue allows an attacker to execute native code as a privileged account, requiring administrative privileges to exploit. On Windows deployments, risk is noted as medium because se...
CVE-2025-40548
SolarWinds Serv-U is affected by a set of flaws (CVE-2025-40547, -40548, -40549) stemming from a missing validation that could allow an attacker with admin privileges to execute code. Several connected sources indicate Serv-U versions prior to 15.5.3 (and specifically 15.5.2 and earlier per PT-20...
The vulnerability of the SolarWinds Serv-U File Server file server arises from incorrect path name restrictions for the restricted access directory, allowing a hacker to execute arbitrary code.
The vulnerability of the SolarWinds Serv-U File Server file server is related to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by connecting to port 21...
CVE-2024-45712
SolarWinds Serv-U is vulnerable to a client-side cross-site scripting XSS vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low...
CVE-2020-15542
SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command...