CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 1CVE-2021-35250 – Directory Transversal Vulnerability in Serv-U 15.3
https://notcve.org/view.php?id=CVE-2021-35250
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. Un investigador informó de una Vulnerabilidad de Salto de Directorio en Serv-U versión 15.3. Esto puede permitir el acceso a archivos relacionados con la instalación de Serv-U y los archivos del servidor. • https://github.com/rissor41/SolarWinds-CVE-2021-35250 https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-3-HotFix-1?language=en_US https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35250 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35247 – SolarWinds Serv-U Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-35247
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U. • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35242 – A valid CSRF token is present in response to an invalid request
https://notcve.org/view.php?id=CVE-2021-35242
Serv-U server responds with valid CSRFToken when the request contains only Session. El servidor Serv-U responde con un CSRFToken válido cuando la petición contiene sólo Session • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-35245 – Broken Access Control Vulnerability for SolarWinds Serv-U
https://notcve.org/view.php?id=CVE-2021-35245
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine. Cuando un usuario presenta derechos de administrador en la Consola de Serv-U, el usuario puede mover, crear y eliminar cualquier archivo al que se pueda acceder en la máquina anfitriona de Serv-U • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35223 – Execute Command Function Allows Remote Code Execution (RCE)Vulnerability
https://notcve.org/view.php?id=CVE-2021-35223
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution. El Servidor de Archivos Serv-U permite auditar eventos como los fallos de inicio de sesión de los usuarios mediante la ejecución de un comando. Este comando puede ser suministrado con parámetros que pueden tomar la forma de variables de cadena de usuario, permitiendo la ejecución remota de código • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-4_release_notes.htm https://support.solarwinds.com/SuccessCenter/s/article/Execute-Command-Function-Allows-Remote-Code-Execution-RCE-Vulnerability-CVE-2021-35223?language=en_US https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35223 • CWE-20: Improper Input Validation •