PT-2020-14493 · Solarwinds · Serv-U Ftp Server

Published

2020-07-05

Updated

2020-07-15

CVE-2020-15543

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U FTP server versions prior to 15.2.1

Description The issue concerns the failure to validate an argument path in the SolarWinds Serv-U FTP server. This lack of validation could potentially lead to exploitation. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For versions prior to 15.2.1, update to version 15.2.1 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2020-15543

Affected Products

Serv-U Ftp Server

PT-2020-14493 · Solarwinds · Serv-U Ftp Server

CVE-2020-15543

Weakness Enumeration

Related Identifiers

Affected Products

References · 4