Serv-u@* Security Vulnerabilities and Issues — Serv-u@* CVE List

Lucene search

SolarwindsServ-u*

5 matches found

CVE•added 2024/06/06 9:15 a.m.•360 views

CVE-2024-28995

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.

8.6CVSS7.1AI score0.94376EPSS

CVE•added 2024/10/16 8:15 a.m.•62 views

CVE-2024-45711

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication i...

8.8CVSS8.2AI score0.03091EPSS

CVE•added 2024/05/03 8:15 a.m.•61 views

CVE-2024-28072

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.

5.7CVSS6.9AI score0.00203EPSS

CVE•added 2024/04/17 5:15 p.m.•54 views

CVE-2024-28073

SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.

8.4CVSS7AI score0.00222EPSS

CVE•added 2024/10/16 8:15 a.m.•42 views

CVE-2024-45714

Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.

4.8CVSS4.7AI score0.00113EPSS