cbcvebase.
CVE-2010-2115
published 2010-05-28

CVE-2010-2115: SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.

PriorityP341medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
55.95%
98.9th percentile
SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.

Affected

1 ranges
VendorProductVersion rangeFixed in
solarwindstftp_server

Detection & IOCsextracted from sources · hover to see the quote

port69/udp
bytes
\x00\x01\x01\x00NETASCII\x00
  • Detect a TFTP Read Request (opcode 0x0001) over UDP port 69 where the filename field is a single byte (0x01) followed by a null byte and the mode string 'NETASCII'. This malformed request with a single-byte filename triggers the DoS condition.
  • Alert on TFTP 'netascii' read requests containing a specially crafted (abnormally short/single-byte) filename field targeting SolarWinds TFTP Server 10.4.0.10; the server will stop accepting new connections without crashing.
  • ·Affected version is specifically SolarWinds TFTP Server 10.4.0.10; scope of impact on other versions is not confirmed by available sources.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.