CVE-2019-13182

A stored cross-site scripting XSS vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7...

SolarWinds Serv-U FTP Server Cross-Site Scripting Vulnerability (CNVD-2019-46256)

SolarWinds Serv-U FTP Server is a set of U.S. SolarWinds FTP and MFT file transfer software. A cross-site scripting vulnerability exists in SolarWinds Serv-U FTP Server version 15.1.7. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker coul...

CVE-2019-13182

A stored cross-site scripting XSS vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7...

CVE-2019-13182

A stored cross-site scripting XSS vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7...

Serv-U FTP Server prepareinstallation Privilege Escalation

This module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 15.1.7. The Serv-U executable is setuid root, and uses ARGV0 in a call to system, without validation, when invoked with the -prepareinstallation flag, resulting in command execution with root...

PT-2019-12684 · Solarwinds · Serv-U

Name of the Vulnerable Software and Affected Versions: SolarWinds Serv-U versions prior to 15.1.7 for Linux. Description: A privilege escalation issue exists, allowing potential exploitation. Recommendations: For versions prior to 15.1.7, update to version 15.1.7 or later to resolve the issue...