CVSS: 9.0EPSS: 3%CPEs: 1EXPL: 3CVE-2018-15906 – SolarWinds Serv-U FTP 15.1.6 Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-15906
02 Feb 2019 — SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file. SolarWinds Serv-U FTP Server 15.1.6 permite que usuarios remotos autenticados ejecuten código arbitrario aprovechando la característica de importación y modificando un archivo CSV. SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obta... • https://packetstorm.news/files/id/151473 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16791 – SolarWinds SFTP Insecure Password Storage / XXE Injection
https://notcve.org/view.php?id=CVE-2018-16791
05 Dec 2018 — In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the server. En SolarWinds SFTP/SCP Server hasta el 10/09/2018, el archivo de configuración puede ser leído y escrito por cualquier usuario y almacena las contraseñas de los usuarios de forma insegura, lo que permite que un a... • https://seclists.org/fulldisclosure/2018/Dec/0 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16792 – SolarWinds SFTP Insecure Password Storage / XXE Injection
https://notcve.org/view.php?id=CVE-2018-16792
05 Dec 2018 — SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data. SolarWinds SFTP/SCP Server hasta el 10/09/2018 es vulnerable a XEE (XML External Entity) mediante un archivo de configuración que puede ser leído y modificado por cualquier usuario, lo que permite que un atacante exfiltre datos. In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores use... • https://seclists.org/fulldisclosure/2018/Dec/0 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2018-12897 – DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)
https://notcve.org/view.php?id=CVE-2018-12897
07 Sep 2018 — SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow. SolarWinds DameWare Mini Remote Control en versiones anteriores a la 12.1 tiene un desbordamiento de búfer. • https://packetstorm.news/files/id/153668 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 1%CPEs: 1EXPL: 0CVE-2018-10240
https://notcve.org/view.php?id=CVE-2018-10240
16 May 2018 — SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user's session. SolarWinds Serv-U MFT en versiones anteriores a la 15.1.6 HFv1 asigna a usuarios autenticados un token de sesión con poca entropía que puede incluirse en peticiones a la aplicació... • https://www.bishopfox.com/news/2018/05/solarwinds-serv-u-managed-file-transfer-insufficient-session-id-entropy • CWE-331: Insufficient Entropy •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-10241
https://notcve.org/view.php?id=CVE-2018-10241
16 May 2018 — A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring. Una vulnerabilidad de denegación de servicio (DoS) en SolarWinds Serv-U en versiones anteriores a la 15.1.6 HFv1 permite que un usuario autenticado provoque el cierre inesperado de la aplicación (con una desreferencia de puntero NULL) mediante una URL especialmente manipulada ... • https://www.bishopfox.com/news/2018/05/solarwinds-serv-u-managed-file-transfer-denial-of-service • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 44%CPEs: 3EXPL: 3CVE-2012-2576 – SolarWinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection
https://notcve.org/view.php?id=CVE-2012-2576
20 Dec 2017 — SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field. Vulnerabilidad de inyección SQL en la página LoginServlet en SolarWinds Storage Manager en versiones anteriores a la 5.1.2, SolarWinds Storage Profiler en versiones anteriores a la 5.1.2 y SolarWinds Backup Profiler en versiones anteriores a la 5... • https://www.exploit-db.com/exploits/18818 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 1%CPEs: 1EXPL: 1CVE-2017-9537 – SolarWinds Network Performance Monitor 12.0.15300.90 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-9537
29 Sep 2017 — Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various vulnerable parameters. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) persistente en la función Add Node de SolarWinds Network Performance Monitor en su versión 12.0.15300.90 que permite que los atacantes remotos introduzcan código JavaScript arbitrario en varios parámetros vulnerables. SolarWinds N... • https://packetstorm.news/files/id/144411 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 5%CPEs: 1EXPL: 1CVE-2017-9538 – SolarWinds Network Performance Monitor 12.0.15300.90 Denial of Service
https://notcve.org/view.php?id=CVE-2017-9538
29 Sep 2017 — The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the entire web application) via a ".." in the path field. In other words, the denial of service is caused by an incorrect implementation of a directory-traversal protection mechanism. La función "Upload logo from external path" de SolarWinds Network Performance ... • https://packetstorm.news/files/id/144412 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 49%CPEs: 1EXPL: 1CVE-2017-7722
https://notcve.org/view.php?id=CVE-2017-7722
12 Apr 2017 — In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell. En SolarWinds Log & Event Manager (LEM) en versiones anteriores a 6.3.1 Hotfix 4, se encuentra un sistema de menús cuando se accede al servicio SSH con "cmc" y "password" (nombre de usuario y co... • https://pentest.blog/unexpected-journey-4-escaping-from-restricted-shell-and-gaining-root-access-to-solarwinds-log-event-manager-siem-product • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •