CVE-2021-35242 – A valid CSRF token is present in response to an invalid request
https://notcve.org/view.php?id=CVE-2021-35242
Serv-U server responds with valid CSRFToken when the request contains only Session. El servidor Serv-U responde con un CSRFToken válido cuando la petición contiene sólo Session • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35242 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2021-35245 – Broken Access Control Vulnerability for SolarWinds Serv-U
https://notcve.org/view.php?id=CVE-2021-35245
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine. Cuando un usuario presenta derechos de administrador en la Consola de Serv-U, el usuario puede mover, crear y eliminar cualquier archivo al que se pueda acceder en la máquina anfitriona de Serv-U • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-5_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35245 • CWE-284: Improper Access Control •
CVE-2021-35223 – Execute Command Function Allows Remote Code Execution (RCE)Vulnerability
https://notcve.org/view.php?id=CVE-2021-35223
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution. El Servidor de Archivos Serv-U permite auditar eventos como los fallos de inicio de sesión de los usuarios mediante la ejecución de un comando. Este comando puede ser suministrado con parámetros que pueden tomar la forma de variables de cadena de usuario, permitiendo la ejecución remota de código • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-4_release_notes.htm https://support.solarwinds.com/SuccessCenter/s/article/Execute-Command-Function-Allows-Remote-Code-Execution-RCE-Vulnerability-CVE-2021-35223?language=en_US https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35223 • CWE-20: Improper Input Validation •
CVE-2021-35211 – SolarWinds Serv-U Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-35211
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. Microsoft descubrió una vulnerabilidad de ejecución de código remota (RCE) en el producto SolarWinds Serv-U usando una Vulnerabilidad de Escape de Memoria Remota. Si es explotado, un actor de la amenaza puede ser capaz de obtener acceso privilegiado a la máquina que aloja Serv-U solamente. • https://github.com/BishopFox/CVE-2021-35211 https://github.com/NattiSamson/Serv-U-CVE-2021-35211 https://github.com/0xhaggis/CVE-2021-35211 https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211 • CWE-787: Out-of-bounds Write •