漏洞描述
SolarWinds Serv-U File Server是美国SolarWinds公司的一款文件传输服务器。
SolarWinds Serv-U存在路径遍历漏洞,该漏洞源于容易受到目录横向的影响,允许访问读取主机上的敏感文件。
SolarWinds Serv-U FTP 存在任意文件读取漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-28986: SolarWinds Web Help Desk < 12.8.3 - Insecure Deserialization
- (CVE-2023-53886)Xlight FTP Server 3.9.3.6 "Execute Program"配置栈缓冲区溢出漏洞
- POC CVE-2025-34299: Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution
- SolarWinds Web Help Desk 未授权 反序列化漏洞
- CVE-2011-2523: VSFTPD 2.3.4 - Backdoor Command Execution
- (CVE-2010-20103)ProFTPD 1.3.3c后门导致远程代码执行漏洞
- Wing FTP Server认证绕过导致远程代码执行(CVE-2025-47812)
- POC CVE-2025-54309: CrushFTP - Authentication Bypass Race Condition
- POC CVE-2018-19386: SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting
- POC CVE-2019-19368: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
- POC CVE-2020-10148: SolarWinds Orion API - Auth Bypass
- POC CVE-2020-27735: Wing FTP 6.4.4 - Cross-Site Scripting
- POC CVE-2021-35250: SolarWinds Serv-U 15.3 - Directory Traversal