Serv-u Security Vulnerabilities and Issues — Serv-u CVE List

Lucene search

SolarwindsServ-u

6 matches found

CVE•added 2024/06/06 9:15 a.m.•361 views

CVE-2024-28995

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.

8.6CVSS7.1AI score0.94376EPSS

CVE•added 2024/10/16 8:15 a.m.•62 views

CVE-2024-45711

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication i...

8.8CVSS8.2AI score0.03091EPSS

CVE•added 2024/04/17 5:15 p.m.•54 views

CVE-2024-28073

SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.

8.4CVSS7AI score0.00222EPSS

CVE•added 2021/08/31 4:15 p.m.•50 views

CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.

8.8CVSS9.1AI score0.04511EPSS

CVE•added 2021/12/06 5:15 p.m.•42 views

CVE-2021-35242

Serv-U server responds with valid CSRFToken when the request contains only Session.

8.8CVSS8.7AI score0.00137EPSS

CVE•added 2021/12/06 5:15 p.m.•33 views

CVE-2021-35245

When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.

8.4CVSS7.1AI score0.00119EPSS