Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:57 p.m.20 views

CVE-2018-19999

The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit this vulnerability,...

7.8CVSS7.2AI score0.00605EPSS
Exploits2References1
CVE
CVE
added 2019/06/07 4:13 p.m.89 views

CVE-2018-19999

CVE-2018-19999 affects SolarWinds Serv-U FTP Server 15.1.6.25, where broken access controls in the local management interface allow an authenticated local attacker to bypass authentication and execute code with SYSTEM privileges. Exploitation requires local access and an active Serv-U admin conso...

7.8CVSS7.7AI score0.00605EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Storm
added 2019/02/02 12:0 a.m.321 views

SolarWinds Serv-U FTP 15.1.6 Privilege Escalation

CVE: CVE-2018-15906 Attack type: Remote, authenticated Discovered by: Chris Moberly @ The Missing Link Security Operating Systems: Verified on Win10 and Win2016 Vulnerable version: Tested on 15.1.6 current as of August 2018. Fixed in: Serv-U 15.1.6 Hotfix 2 Description SolarWinds Serv-U FTP Serve...

0.2AI score0.08245EPSS
Exploits3
NVD
NVD
added 2017/12/03 9:29 p.m.13 views

CVE-2017-17099

There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under th...

7.8CVSS7.8AI score0.11831EPSS
Exploits2References2
Prion
Prion
added 2017/12/03 9:29 p.m.13 views

Design/Logic Flaw

There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under th...

7.2CVSS7.7AI score0.11831EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2017/12/03 9:0 p.m.21 views

CVE-2017-17099

There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under th...

7.8AI score0.11831EPSS
Exploits2References2
EUVD
EUVD
added 2017/12/03 9:0 p.m.4 views

EUVD-2017-8265

There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under th...

7.8CVSS7.9AI score0.11831EPSS
Exploits2References2
Rows per page
Query Builder