cvebase

Solarwinds Serv-U vulnerabilities

40 known vulnerabilities affecting solarwinds/serv-u.

Total CVEs: 40
CISA KEV: 4 (actively exploited)
Public exploits: 4
Exploited in wild: 5
Severity breakdown: CRITICAL 5, HIGH 20, MEDIUM 15

Vulnerabilities

Page 2 of 2. Each entry lists: CVE ID | priority | severity | CVSS base score | fixed-in or affected version | date, followed by the CWE (where assigned) and the NVD description.
CVE-2023-23841 | P3 | HIGH | CVSS 7.5 | fixed in 15.4 | 2023-06-15
CWE-319. SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. (NVD)

CVE-2020-27994 | P3 | MEDIUM | CVSS 6.5 | fixed in 15.2.2 | 2021-02-03
CWE-22. SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal. (NVD)

CVE-2021-35252 | P3 | HIGH | CVSS 7.5 | fixed in 15.3.2 | 2022-12-16
CWE-798. Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext. (NVD)

CVE-2020-15576 | P3 | HIGH | CVSS 7.5 | fixed in 15.2.1 | 2020-07-07
SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. (NVD)

CVE-2020-15574 | P3 | HIGH | CVSS 7.5 | fixed in 15.2.1 | 2020-07-07
SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. (NVD)

CVE-2021-25276 | P3 | HIGH | CVSS 7.1 | fixed in 15.2.2 (v15.2.2) | 2021-02-03
CWE-732. In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. An unprivileged Windows user (having access to the server's filesystem) can add an FTP user by copying a valid profile file to this directory. For example, if this profile sets up a ... (NVD)

CVE-2018-10240 | P3 | HIGH | CVSS 7.3 | affected ≤ 15.1.6 | 2018-05-16
CWE-331. SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user's session. (NVD)
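As an added illustration of the token-entropy problem behind CVE-2018-10240 (example code written for this page, not Serv-U's code and not its actual token format): the functions below size the brute-force space of a session token from its alphabet and length, compare a hypothetical 6-digit token with a CSPRNG-generated one, and give the rough lower-bound estimate a tester makes from a captured token's character classes before deciding whether enumeration is viable. The 6-digit format, the request rate and the 128-bit floor are assumptions.

```python
import math
import secrets
import string

# Constructed example: sizing session-token entropy. Token formats, rates and
# the acceptance floor are assumptions for illustration, not Serv-U's values.

MIN_TOKEN_BITS = 128  # assumed floor for a session identifier


def token_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a token drawn uniformly from alphabet_size ** length values."""
    return length * math.log2(alphabet_size)


def expected_guesses(bits: float) -> float:
    """Average number of guesses to hit one fixed, uniformly random token (half the space)."""
    return 2 ** bits / 2


def bruteforce_seconds(bits: float, guesses_per_second: float) -> float:
    """Expected wall-clock time for an online brute force at the given request rate."""
    return expected_guesses(bits) / guesses_per_second


def weak_token() -> str:
    """Hypothetical weak generator: a zero-padded 6-digit number.
    The RNG is fine; the problem is a value space of only 10**6 (~19.9 bits)."""
    return f"{secrets.randbelow(10 ** 6):06d}"


def strong_token() -> str:
    """CSPRNG token: 32 random bytes encoded URL-safe (256 bits of entropy, 43 chars)."""
    return secrets.token_urlsafe(32)


def estimate_token_bits(token: str) -> float:
    """Lower-bound entropy estimate from the character classes present and the length.
    This is how a captured token is sized during a pentest; it assumes the generator
    is uniform over those classes and says nothing about predictability."""
    classes = [
        (string.digits, 10),
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        ("-_", 2),  # URL-safe base64 symbols
        (string.punctuation.replace("-", "").replace("_", ""), 30),
    ]
    alphabet = sum(size for chars, size in classes if any(c in chars for c in token))
    if alphabet < 2:
        return 0.0
    return token_bits(alphabet, len(token))


def token_is_acceptable(token: str) -> bool:
    """True when the estimated entropy meets the assumed 128-bit floor."""
    return estimate_token_bits(token) >= MIN_TOKEN_BITS


if __name__ == "__main__":
    weak_bits = token_bits(10, 6)
    print(f"6-digit token: {weak_bits:.1f} bits, "
          f"~{bruteforce_seconds(weak_bits, 1000):.0f} s at 1000 guesses/s")
    print(f"strong token sample: {strong_token()} "
          f"({estimate_token_bits(strong_token()):.0f} bits estimated)")
```

At 1,000 guesses per second the 6-digit token is expected to fall in about 500 seconds, which is why a token carried as a URL parameter (and so also logged and leaked via Referer) is dangerous at that size. The estimate is a lower bound on size only; whether consecutive tokens are predictable needs a sample of them, not this arithmetic.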
CVE-2021-35245 | P4 | MEDIUM | CVSS 6.8 | fixed in 15.2.4 (v15.2.4, +1 more) | 2021-12-06
CWE-284. When a user has admin rights in Serv-U Console, the user can move, create and delete any files that are accessible on the Serv-U host machine. (NVD)

CVE-2020-28001 | P4 | MEDIUM | CVSS 5.4 | fixed in 15.2.2 | 2021-02-03
CWE-79. SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. (NVD)

CVE-2018-10241 | P4 | MEDIUM | CVSS 6.5 | affected ≤ 15.1.6 | 2018-05-16
CWE-476. A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring. (NVD)

CVE-2020-15573 | P4 | MEDIUM | CVSS 6.1 | fixed in 15.2.1 | 2020-07-07
CWE-79. SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421. (NVD)

CVE-2021-32604 | P4 | MEDIUM | CVSS 5.4 | fixed in 15.2.3 | 2021-05-11
CWE-79. Share/IncomingWizard.htm in SolarWinds Serv-U before 15.2.3 mishandles the user-supplied SenderEmail parameter, aka "Share URL XSS." (NVD)

CVE-2024-28072 | P4 | MEDIUM | CVSS 4.9 | fixed in 15.4.2 (v15.4.2, +1 more) | 2024-05-03
CWE-532. A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly. (NVD)
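CVE-2020-27994 (authenticated directory traversal) and CVE-2024-28072 (unsanitized log file path tags letting a privileged account overwrite arbitrary files with log output) are both failures to confine a user-influenced path to its intended root. The following is added example code, not Serv-U's implementation; the `%TAG%` placeholder syntax, the root directories and the sample inputs are assumptions made for the example. It normalizes the path (treating backslashes as separators, since Serv-U runs on Windows), then checks containment with a separator-aware test rather than a bare string prefix, which would let `/users/alice2` pass as inside `/users/alice`.

```python
import posixpath
import re

# Added example: confining client-controlled paths. Roots, the %TAG% syntax
# and the sample inputs are constructed for illustration, not taken from Serv-U.


def confine(root: str, user_path: str):
    """Resolve user_path relative to root and return the normalized absolute path,
    or None if the result would escape root (the CVE-2020-27994 class of bug)."""
    if "\x00" in user_path:                      # NUL truncates paths in C-level file APIs
        return None
    root_norm = posixpath.normpath("/" + root.strip("/"))
    rel = user_path.replace("\\", "/")           # Windows clients send backslashes
    rel = rel.lstrip("/")                        # an absolute client path is relative to the virtual root
    joined = posixpath.normpath(posixpath.join(root_norm, rel))
    # Separator-aware containment: "/u/alice2" must not pass as inside "/u/alice".
    if joined != root_norm and not joined.startswith(root_norm + "/"):
        return None
    return joined


# Hypothetical %TAG% placeholders in a configurable log path, e.g. "%DOMAIN%/%USER%.log".
_TAG = re.compile(r"%([A-Z]+)%")
_SAFE_TAG_VALUE = re.compile(r"[A-Za-z0-9._-]+")   # filename characters only, no separators


def expand_log_path(root: str, template: str, tag_values: dict) -> str:
    """Substitute tag values into a log path template (the CVE-2024-28072 class of bug)
    and confine the result. Values may only contain filename characters and may not be
    '.' or '..'; the expanded template is confined too, in case it was edited directly."""
    def substitute(match):
        name = match.group(1)
        value = tag_values.get(name)
        if value is None or not _SAFE_TAG_VALUE.fullmatch(value) or value in (".", ".."):
            raise ValueError(f"unsafe value for tag %{name}%: {value!r}")
        return value

    expanded = _TAG.sub(substitute, template)
    resolved = confine(root, expanded)
    if resolved is None:
        raise ValueError(f"log path escapes {root}: {expanded!r}")
    return resolved


def log_path_is_safe(root: str, template: str, tag_values: dict) -> bool:
    """Boolean wrapper for callers that only need accept/reject."""
    try:
        expand_log_path(root, template, tag_values)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    home = "/srv/serv-u/users/alice"
    for p in ["docs/report.txt", "../bob/secret.txt", "..\\..\\config\\Serv-U.Archive",
              "a/../../alice2/x", "/etc/passwd"]:
        print(f"{p!r:40} -> {confine(home, p)}")
    logs = "/srv/serv-u/logs"
    print(expand_log_path(logs, "%DOMAIN%/%USER%.log", {"DOMAIN": "corp", "USER": "alice"}))
    print(log_path_is_safe(logs, "%DOMAIN%/%USER%.log",
                           {"DOMAIN": "corp", "USER": "../../../Windows/win.ini"}))
```

On a live filesystem, follow this string-level check with `os.path.realpath` of both root and candidate to defeat symlinks and junctions, and keep the root itself outside any directory the user can write to; the string check alone is what stops `..` and separator tricks, not symlink games.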
CVE-2022-38106 | P4 | MEDIUM | CVSS 5.4 | affected v15.3.0 to v15.3.1 | 2022-12-16
CWE-79. This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function. (NVD)

CVE-2023-40053 | P4 | MEDIUM | CVSS 5.0 | affected v15.4.0 (15.4 and previous versions) | 2023-12-06
CWE-20. A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously. (NVD)

CVE-2020-35482 | P4 | MEDIUM | CVSS 5.4 | fixed in 15.2.2 | 2021-02-03
CWE-79. SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. (NVD)

CVE-2020-15575 | P4 | MEDIUM | CVSS 6.1 | fixed in 15.2.1 | 2020-07-07
CWE-79. SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194. (NVD)

CVE-2024-45712 | P4 | MEDIUM | CVSS 5.4 | fixed in 15.5.1 (Serv-U 15.5 and previous versions affected) | 2025-04-15
CWE-79. SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low. (NVD)

CVE-2021-35249 | P4 | MEDIUM | CVSS 4.3 | fixed in 15.3.1 (15.3 and previous versions, < 15.3.1, affected) | 2022-05-17
CWE-284. This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessin ... (NVD)

CVE-2024-45714 | P4 | MEDIUM | CVSS 4.1 | affected ≤ 15.4.2.3 (Serv-U 15.4.2 HF2 and previous versions) | 2024-10-16
CWE-79. Application is vulnerable to Cross Site Scripting (XSS): an authenticated attacker with users' permissions can modify a variable with a payload. (NVD)