Search

Find a vulnerability

Search criteria

    103 vulnerabilities found for Serv-U by SolarWinds

    CVE-2026-28318 (GCVE-0-2026-28318)

    Vulnerability from nvd – Published: 2026-06-04 14:05 – Updated: 2026-06-06 03:55
    VLAI CISA KEVIntel
    Title
    SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability
    Summary
    SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: 15.5.4 and previous versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28318",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-06-05",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-28318"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-06T03:55:57.072Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-28318"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-05T00:00:00.000Z",
                "value": "CVE-2026-28318 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.5.4 and previous versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update  \u003cbr\u003e"
                }
              ],
              "value": "SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-04T14:05:58.218Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible.\u0026nbsp;"
                }
              ],
              "value": "Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Block any POST requests containing \u0027Content-Encoding: deflate\u0027. This function is not required for SolarWinds Serv-U.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "Block any POST requests containing \u0027Content-Encoding: deflate\u0027. This function is not required for SolarWinds Serv-U."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2026-28318",
        "datePublished": "2026-06-04T14:05:58.218Z",
        "dateReserved": "2026-02-26T14:46:41.520Z",
        "dateUpdated": "2026-06-06T03:55:57.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40541 (GCVE-0-2025-40541)

    Vulnerability from nvd – Published: 2026-02-24 07:41 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability
    Summary
    An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-23 07:54
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40541",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:25.783559Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-23T07:54:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:41:49.921Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40541"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40541",
        "datePublished": "2026-02-24T07:41:49.921Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40540 (GCVE-0-2025-40540)

    Vulnerability from nvd – Published: 2026-02-24 07:41 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
    Summary
    A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:50
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:27.447736Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.561Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:50:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:41:17.517Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40540"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40540",
        "datePublished": "2026-02-24T07:41:17.517Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40539 (GCVE-0-2025-40539)

    Vulnerability from nvd – Published: 2026-02-24 07:40 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
    Summary
    A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40539",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:28.924499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:40:46.244Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40539"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40539",
        "datePublished": "2026-02-24T07:40:46.244Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40538 (GCVE-0-2025-40538)

    Vulnerability from nvd – Published: 2026-02-24 07:40 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
    Summary
    A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:23
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40538",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:30.568444Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.848Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:23:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:40:12.958Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40538"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40538",
        "datePublished": "2026-02-24T07:40:12.958Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40549 (GCVE-0-2025-40549)

    Vulnerability from nvd – Published: 2025-11-18 08:41 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Path Restriction Bypass Vulnerability
    Summary
    A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:19
    Credits
    Maurice Moss
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40549",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:21.850571Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:45.533Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Maurice Moss"
            }
          ],
          "datePublic": "2025-11-18T14:19:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled. \u003cbr\u003e"
                }
              ],
              "value": "A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. \n\nThis issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:41:24.582Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40549"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Path Restriction Bypass Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40549",
        "datePublished": "2025-11-18T08:41:24.582Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:45.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40548 (GCVE-0-2025-40548)

    Vulnerability from nvd – Published: 2025-11-18 08:38 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability
    Summary
    A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:14
    Credits
    SolarWinds would like to thank researchers working with Intigriti on our bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:22.712993Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:45.923Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "SolarWinds would like to thank researchers working with Intigriti on our bug bounty program"
            }
          ],
          "datePublic": "2025-11-18T14:14:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default. \u003cbr\u003e"
                }
              ],
              "value": "A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. \n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:38:19.354Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40548"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40548",
        "datePublished": "2025-11-18T08:38:19.354Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:45.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40547 (GCVE-0-2025-40547)

    Vulnerability from nvd – Published: 2025-11-18 08:35 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability
    Summary
    A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:05
    Credits
    SolarWinds would like to thank researchers working with Intigriti on our bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:23.420047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:46.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "SolarWinds would like to thank researchers working with Intigriti on our bug bounty program"
            }
          ],
          "datePublic": "2025-11-18T14:05:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default. \u003cbr\u003e"
                }
              ],
              "value": "A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. \n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116 Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:35:03.970Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40547"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40547",
        "datePublished": "2025-11-18T08:35:03.970Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:46.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-45712 (GCVE-0-2024-45712)

    Vulnerability from nvd – Published: 2025-04-15 08:39 – Updated: 2025-04-15 13:58
    VLAI
    Title
    SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability
    Summary
    SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.5 and previous versions
    Create a notification for this product.
    Date Public
    2025-04-15 09:35
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45712",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-15T13:58:27.232332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-15T13:58:41.012Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.5 and previous versions"
                }
              ]
            }
          ],
          "datePublic": "2025-04-15T09:35:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low. \u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-15T08:39:23.242Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45712"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-1_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.1 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.1 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45712",
        "datePublished": "2025-04-15T08:39:23.242Z",
        "dateReserved": "2024-09-05T08:28:03.887Z",
        "dateUpdated": "2025-04-15T13:58:41.012Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45714 (GCVE-0-2024-45714)

    Vulnerability from nvd – Published: 2024-10-16 07:26 – Updated: 2024-10-16 13:23
    VLAI
    Title
    SolarWinds Serv-U Stored XSS Vulnerability
    Summary
    Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.4.2 HF2 and previous versions
    Create a notification for this product.
    Credits
    Simon Wattier
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45714",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:23:18.677097Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:23:27.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.4.2 HF2 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Simon Wattier"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users\u2019 permissions can modify a variable with a payload."
                }
              ],
              "value": "Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users\u2019 permissions can modify a variable with a payload."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-16T07:26:04.406Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45714"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to Serv-U 15.5\u0026nbsp;as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to Serv-U 15.5\u00a0as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SolarWinds Serv-U  Stored XSS Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45714",
        "datePublished": "2024-10-16T07:26:04.406Z",
        "dateReserved": "2024-09-05T08:28:03.888Z",
        "dateUpdated": "2024-10-16T13:23:27.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45711 (GCVE-0-2024-45711)

    Vulnerability from nvd – Published: 2024-10-16 07:27 – Updated: 2024-10-16 13:22
    VLAI
    Title
    SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability
    Summary
    SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.4.2 HF 2 and previous versions
    Create a notification for this product.
    solarwinds serv-u Affected: 0 , < 15.5 (custom)
        cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Anonymous working with Trend Micro Zero Day Initiative
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "serv-u",
                "vendor": "solarwinds",
                "versions": [
                  {
                    "lessThan": "15.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:10:34.374690Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:22:44.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.4.2 HF 2 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Anonymous working with Trend Micro Zero Day Initiative"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U is vulnerable  to a directory traversal  vulnerability where remote code execution is possible depending on privileges given to the authenticated user.  This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability"
                }
              ],
              "value": "SolarWinds Serv-U is vulnerable  to a directory traversal  vulnerability where remote code execution is possible depending on privileges given to the authenticated user.  This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-16T07:27:22.001Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All SolarWinds customers are advised to upgrade to the latest version of the SolarWinds Serv-U\u0026nbsp;15.5.\u003cbr\u003e"
                }
              ],
              "value": "All SolarWinds customers are advised to upgrade to the latest version of the SolarWinds Serv-U\u00a015.5."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45711",
        "datePublished": "2024-10-16T07:27:22.001Z",
        "dateReserved": "2024-09-05T08:28:03.887Z",
        "dateUpdated": "2024-10-16T13:22:44.193Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-28995 (GCVE-0-2024-28995)

    Vulnerability from nvd – Published: 2024-06-06 09:01 – Updated: 2025-10-21 23:05
    Title
    SolarWinds Serv-U L Directory Transversal Vulnerability
    Summary
    SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    SolarWinds SolarWinds Serv-U Affected: 15.4.2 HF 1 and previous versions
    Create a notification for this product.
    solarwinds serv-u Affected: 0 , ≤ 15.4.2_hf_1 (custom)
        cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Hussein Daher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "serv-u",
                "vendor": "solarwinds",
                "versions": [
                  {
                    "lessThanOrEqual": "15.4.2_hf_1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-28995",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T16:46:00.595482Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2024-07-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:05:16.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2024-07-17T00:00:00.000Z",
                "value": "CVE-2024-28995 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:03:51.459Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "SolarWinds Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.4.2 HF 1 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Hussein Daher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.   \u003cp\u003e \u003c/p\u003e"
                }
              ],
              "value": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-06T09:01:23.314Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cbr\u003eSolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.\u003cbr\u003e \u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U L Directory Transversal Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-28995",
        "datePublished": "2024-06-06T09:01:23.314Z",
        "dateReserved": "2024-03-13T20:27:09.783Z",
        "dateUpdated": "2025-10-21T23:05:16.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-28318 (GCVE-0-2026-28318)

    Vulnerability from cvelistv5 – Published: 2026-06-04 14:05 – Updated: 2026-06-06 03:55
    VLAI CISA KEVIntel
    Title
    SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability
    Summary
    SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: 15.5.4 and previous versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28318",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-06-05",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-28318"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-06T03:55:57.072Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-28318"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-05T00:00:00.000Z",
                "value": "CVE-2026-28318 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.5.4 and previous versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update  \u003cbr\u003e"
                }
              ],
              "value": "SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-04T14:05:58.218Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible.\u0026nbsp;"
                }
              ],
              "value": "Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Block any POST requests containing \u0027Content-Encoding: deflate\u0027. This function is not required for SolarWinds Serv-U.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "Block any POST requests containing \u0027Content-Encoding: deflate\u0027. This function is not required for SolarWinds Serv-U."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2026-28318",
        "datePublished": "2026-06-04T14:05:58.218Z",
        "dateReserved": "2026-02-26T14:46:41.520Z",
        "dateUpdated": "2026-06-06T03:55:57.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40541 (GCVE-0-2025-40541)

    Vulnerability from cvelistv5 – Published: 2026-02-24 07:41 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability
    Summary
    An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-23 07:54
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40541",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:25.783559Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-23T07:54:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:41:49.921Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40541"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40541",
        "datePublished": "2026-02-24T07:41:49.921Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40540 (GCVE-0-2025-40540)

    Vulnerability from cvelistv5 – Published: 2026-02-24 07:41 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
    Summary
    A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:50
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:27.447736Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.561Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:50:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:41:17.517Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40540"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40540",
        "datePublished": "2026-02-24T07:41:17.517Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40539 (GCVE-0-2025-40539)

    Vulnerability from cvelistv5 – Published: 2026-02-24 07:40 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
    Summary
    A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-704 - Incorrect Type Conversion or Cast
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40539",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:28.924499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-704",
                  "description": "CWE-704 Incorrect Type Conversion or Cast",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:40:46.244Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40539"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40539",
        "datePublished": "2026-02-24T07:40:46.244Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40538 (GCVE-0-2025-40538)

    Vulnerability from cvelistv5 – Published: 2026-02-24 07:40 – Updated: 2026-02-26 14:44
    VLAI
    Title
    SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
    Summary
    A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.3 and prior versions
    Create a notification for this product.
    Date Public
    2026-02-24 07:23
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40538",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-25T04:55:30.568444Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:09.848Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.3 and prior versions"
                }
              ]
            }
          ],
          "datePublic": "2026-02-24T07:23:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges.\u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T07:40:12.958Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40538"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.4 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40538",
        "datePublished": "2026-02-24T07:40:12.958Z",
        "dateReserved": "2025-04-16T08:00:57.647Z",
        "dateUpdated": "2026-02-26T14:44:09.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40549 (GCVE-0-2025-40549)

    Vulnerability from cvelistv5 – Published: 2025-11-18 08:41 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Path Restriction Bypass Vulnerability
    Summary
    A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:19
    Credits
    Maurice Moss
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40549",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:21.850571Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:45.533Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Maurice Moss"
            }
          ],
          "datePublic": "2025-11-18T14:19:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled. \u003cbr\u003e"
                }
              ],
              "value": "A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. \n\nThis issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:41:24.582Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40549"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Path Restriction Bypass Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40549",
        "datePublished": "2025-11-18T08:41:24.582Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:45.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40548 (GCVE-0-2025-40548)

    Vulnerability from cvelistv5 – Published: 2025-11-18 08:38 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability
    Summary
    A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:14
    Credits
    SolarWinds would like to thank researchers working with Intigriti on our bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:22.712993Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:45.923Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "SolarWinds would like to thank researchers working with Intigriti on our bug bounty program"
            }
          ],
          "datePublic": "2025-11-18T14:14:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default. \u003cbr\u003e"
                }
              ],
              "value": "A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. \n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:38:19.354Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40548"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40548",
        "datePublished": "2025-11-18T08:38:19.354Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:45.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-40547 (GCVE-0-2025-40547)

    Vulnerability from cvelistv5 – Published: 2025-11-18 08:35 – Updated: 2026-02-26 16:56
    VLAI
    Title
    SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability
    Summary
    A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: SolarWinds Serv-U 15.5.2 and prior versions
    Create a notification for this product.
    Date Public
    2025-11-18 14:05
    Credits
    SolarWinds would like to thank researchers working with Intigriti on our bug bounty program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-40547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-19T04:55:23.420047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:56:46.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "SolarWinds Serv-U 15.5.2 and prior versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "SolarWinds would like to thank researchers working with Intigriti on our bug bounty program"
            }
          ],
          "datePublic": "2025-11-18T14:05:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. \u003cbr\u003e\u003cbr\u003eThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default. \u003cbr\u003e"
                }
              ],
              "value": "A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. \n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116 Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T08:35:03.970Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40547"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.3 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2025-40547",
        "datePublished": "2025-11-18T08:35:03.970Z",
        "dateReserved": "2025-04-16T08:01:25.942Z",
        "dateUpdated": "2026-02-26T16:56:46.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-45712 (GCVE-0-2024-45712)

    Vulnerability from cvelistv5 – Published: 2025-04-15 08:39 – Updated: 2025-04-15 13:58
    VLAI
    Title
    SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability
    Summary
    SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.5 and previous versions
    Create a notification for this product.
    Date Public
    2025-04-15 09:35
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45712",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-15T13:58:27.232332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-15T13:58:41.012Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.5 and previous versions"
                }
              ]
            }
          ],
          "datePublic": "2025-04-15T09:35:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low. \u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-15T08:39:23.242Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45712"
            },
            {
              "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-1_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.1 as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.5.1 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45712",
        "datePublished": "2025-04-15T08:39:23.242Z",
        "dateReserved": "2024-09-05T08:28:03.887Z",
        "dateUpdated": "2025-04-15T13:58:41.012Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45711 (GCVE-0-2024-45711)

    Vulnerability from cvelistv5 – Published: 2024-10-16 07:27 – Updated: 2024-10-16 13:22
    VLAI
    Title
    SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability
    Summary
    SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.4.2 HF 2 and previous versions
    Create a notification for this product.
    solarwinds serv-u Affected: 0 , < 15.5 (custom)
        cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Anonymous working with Trend Micro Zero Day Initiative
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "serv-u",
                "vendor": "solarwinds",
                "versions": [
                  {
                    "lessThan": "15.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:10:34.374690Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:22:44.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.4.2 HF 2 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Anonymous working with Trend Micro Zero Day Initiative"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U is vulnerable  to a directory traversal  vulnerability where remote code execution is possible depending on privileges given to the authenticated user.  This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability"
                }
              ],
              "value": "SolarWinds Serv-U is vulnerable  to a directory traversal  vulnerability where remote code execution is possible depending on privileges given to the authenticated user.  This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-16T07:27:22.001Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All SolarWinds customers are advised to upgrade to the latest version of the SolarWinds Serv-U\u0026nbsp;15.5.\u003cbr\u003e"
                }
              ],
              "value": "All SolarWinds customers are advised to upgrade to the latest version of the SolarWinds Serv-U\u00a015.5."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45711",
        "datePublished": "2024-10-16T07:27:22.001Z",
        "dateReserved": "2024-09-05T08:28:03.887Z",
        "dateUpdated": "2024-10-16T13:22:44.193Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45714 (GCVE-0-2024-45714)

    Vulnerability from cvelistv5 – Published: 2024-10-16 07:26 – Updated: 2024-10-16 13:23
    VLAI
    Title
    SolarWinds Serv-U Stored XSS Vulnerability
    Summary
    Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    SolarWinds Serv-U Affected: Serv-U 15.4.2 HF2 and previous versions
    Create a notification for this product.
    Credits
    Simon Wattier
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45714",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-16T13:23:18.677097Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T13:23:27.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "Serv-U 15.4.2 HF2 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Simon Wattier"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users\u2019 permissions can modify a variable with a payload."
                }
              ],
              "value": "Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users\u2019 permissions can modify a variable with a payload."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-16T07:26:04.406Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45714"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds recommends that customers upgrade to Serv-U 15.5\u0026nbsp;as soon as it becomes available.\n\n\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to Serv-U 15.5\u00a0as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SolarWinds Serv-U  Stored XSS Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-45714",
        "datePublished": "2024-10-16T07:26:04.406Z",
        "dateReserved": "2024-09-05T08:28:03.888Z",
        "dateUpdated": "2024-10-16T13:23:27.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-28995 (GCVE-0-2024-28995)

    Vulnerability from cvelistv5 – Published: 2024-06-06 09:01 – Updated: 2025-10-21 23:05
    Title
    SolarWinds Serv-U L Directory Transversal Vulnerability
    Summary
    SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    SolarWinds SolarWinds Serv-U Affected: 15.4.2 HF 1 and previous versions
    Create a notification for this product.
    solarwinds serv-u Affected: 0 , ≤ 15.4.2_hf_1 (custom)
        cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Hussein Daher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "serv-u",
                "vendor": "solarwinds",
                "versions": [
                  {
                    "lessThanOrEqual": "15.4.2_hf_1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-28995",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T16:46:00.595482Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2024-07-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:05:16.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2024-07-17T00:00:00.000Z",
                "value": "CVE-2024-28995 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:03:51.459Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "SolarWinds Serv-U",
              "vendor": "SolarWinds",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.4.2 HF 1 and previous versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Hussein Daher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.   \u003cp\u003e \u003c/p\u003e"
                }
              ],
              "value": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-06T09:01:23.314Z",
            "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
            "shortName": "SolarWinds"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cbr\u003eSolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.\u003cbr\u003e \u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SolarWinds Serv-U L Directory Transversal Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "assignerShortName": "SolarWinds",
        "cveId": "CVE-2024-28995",
        "datePublished": "2024-06-06T09:01:23.314Z",
        "dateReserved": "2024-03-13T20:27:09.783Z",
        "dateUpdated": "2025-10-21T23:05:16.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CERTFR-2026-AVI-0205

    Vulnerability from certfr_avis - Published: 2026-02-25 - Updated: 2026-02-25

    De multiples vulnérabilités ont été découvertes dans SolarWinds Serv-U. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    SolarWinds Serv-U Serv-U versions antérieures à 15.5.4
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Serv-U versions ant\u00e9rieures \u00e0 15.5.4",
          "product": {
            "name": "Serv-U",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-40538",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40538"
        },
        {
          "name": "CVE-2025-40541",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40541"
        },
        {
          "name": "CVE-2025-40540",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40540"
        },
        {
          "name": "CVE-2025-40539",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40539"
        }
      ],
      "initial_release_date": "2026-02-25T00:00:00",
      "last_revision_date": "2026-02-25T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0205",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-02-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SolarWinds Serv-U. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans SolarWinds Serv-U",
      "vendor_advisories": [
        {
          "published_at": "2026-02-24",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40538",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40538"
        },
        {
          "published_at": "2026-02-24",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40540",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40540"
        },
        {
          "published_at": "2026-02-24",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40539",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40539"
        },
        {
          "published_at": "2026-02-24",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40541",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40541"
        }
      ]
    }

    CERTFR-2025-AVI-1020

    Vulnerability from certfr_avis - Published: 2025-11-19 - Updated: 2025-11-19

    De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    SolarWinds Observability Self-Hosted Observability Self-Hosted versions antérieures à 2025.4
    SolarWinds Serv-U Serv-U versions antérieures à 15.5.2.2.102
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Observability Self-Hosted versions ant\u00e9rieures \u00e0 2025.4",
          "product": {
            "name": "Observability Self-Hosted",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        },
        {
          "description": "Serv-U versions ant\u00e9rieures \u00e0 15.5.2.2.102",
          "product": {
            "name": "Serv-U",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-40548",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40548"
        },
        {
          "name": "CVE-2025-26391",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-26391"
        },
        {
          "name": "CVE-2025-40545",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40545"
        },
        {
          "name": "CVE-2025-40547",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40547"
        },
        {
          "name": "CVE-2025-40549",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40549"
        }
      ],
      "initial_release_date": "2025-11-19T00:00:00",
      "last_revision_date": "2025-11-19T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-1020",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-11-19T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
      "vendor_advisories": [
        {
          "published_at": "2025-11-18",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40548",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40548"
        },
        {
          "published_at": "2025-11-18",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40549",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40549"
        },
        {
          "published_at": "2025-11-18",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-26391",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26391"
        },
        {
          "published_at": "2025-11-18",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40547",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40547"
        },
        {
          "published_at": "2025-11-18",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2025-40545",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40545"
        }
      ]
    }

    CERTFR-2025-AVI-0313

    Vulnerability from certfr_avis - Published: 2025-04-15 - Updated: 2025-04-15

    Une vulnérabilité a été découverte dans SolarWinds Serv-U. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    SolarWinds Serv-U Serv-U versions antérieures à 15.5.1
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Serv-U versions ant\u00e9rieures \u00e0 15.5.1",
          "product": {
            "name": "Serv-U",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-45712",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45712"
        }
      ],
      "initial_release_date": "2025-04-15T00:00:00",
      "last_revision_date": "2025-04-15T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0313",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-04-15T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans SolarWinds Serv-U. Elle permet \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Vuln\u00e9rabilit\u00e9 dans SolarWinds Serv-U",
      "vendor_advisories": [
        {
          "published_at": "2025-04-15",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-45712",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45712"
        }
      ]
    }

    CERTFR-2024-AVI-0892

    Vulnerability from certfr_avis - Published: 2024-10-16 - Updated: 2024-10-16

    De multiples vulnérabilités ont été découvertes dans les produits SolarWinds. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    SolarWinds Serv-U Serv-U versions 15.x antérieures à 15.5
    SolarWinds Platform SolarWinds Platform versions 2024.x antérieures à 2024.4
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Serv-U versions 15.x ant\u00e9rieures \u00e0 15.5",
          "product": {
            "name": "Serv-U",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        },
        {
          "description": "SolarWinds Platform versions 2024.x ant\u00e9rieures \u00e0 2024.4",
          "product": {
            "name": "Platform",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-45715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45715"
        },
        {
          "name": "CVE-2024-45710",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45710"
        },
        {
          "name": "CVE-2024-45714",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45714"
        },
        {
          "name": "CVE-2024-45711",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45711"
        }
      ],
      "initial_release_date": "2024-10-16T00:00:00",
      "last_revision_date": "2024-10-16T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-0892",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-10-16T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SolarWinds. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SolarWinds",
      "vendor_advisories": [
        {
          "published_at": "2024-10-16",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-45714",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45714"
        },
        {
          "published_at": "2024-10-17",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-45710",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45710"
        },
        {
          "published_at": "2024-10-17",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-45715",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45715"
        },
        {
          "published_at": "2024-10-16",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-45711",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45711"
        }
      ]
    }

    CERTFR-2024-AVI-0467

    Vulnerability from certfr_avis - Published: 2024-06-07 - Updated: 2024-06-07

    Une vulnérabilité a été découverte dans SolarWinds Serv-U. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    SolarWinds Serv-U SolarWinds Serv-U versions antérieures à 15.4.2 HF 2
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "SolarWinds Serv-U versions ant\u00e9rieures \u00e0 15.4.2 HF 2",
          "product": {
            "name": "Serv-U",
            "vendor": {
              "name": "SolarWinds",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-28995",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28995"
        }
      ],
      "initial_release_date": "2024-06-07T00:00:00",
      "last_revision_date": "2024-06-07T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-0467",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-06-07T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans SolarWinds Serv-U. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans SolarWinds Serv-U",
      "vendor_advisories": [
        {
          "published_at": "2024-06-05",
          "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-28995",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995"
        }
      ]
    }

    VAR-202102-0355

    Vulnerability from variot - Updated: 2024-11-23 22:58

    SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. Solarwinds SolarWinds Serv-U File Server is a file transfer server of SolarWinds (Solarwinds) in the United States.

    SolarWinds Serv-U File Server before 15.2.2 has a cross-site scripting vulnerability, which stems from the lack of correct verification of client data in the WEB application. The authenticated attacker can carry out a storage XSS attack

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0355",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "serv-u",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "solarwinds",
            "version": "15.2.2"
          },
          {
            "model": "serv-u file server",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "solarwinds",
            "version": "15.2.2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Jack Misiura",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-28001",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2020-28001",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2021-14808",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2020-28001",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-28001",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-14808",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202102-306",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-28001",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. Solarwinds SolarWinds Serv-U File Server is a file transfer server of SolarWinds (Solarwinds) in the United States. \n\r\n\r\nSolarWinds Serv-U File Server before 15.2.2 has a cross-site scripting vulnerability, which stems from the lack of correct verification of client data in the WEB application. The authenticated attacker can carry out a storage XSS attack",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001"
          }
        ],
        "trust": 1.53
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-28001",
            "trust": 2.3
          },
          {
            "db": "PACKETSTORM",
            "id": "161400",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "id": "VAR-202102-0355",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:00.141000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for SolarWinds Serv-U File Server cross-site scripting vulnerability (CNVD-2021-14808)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/251196"
          },
          {
            "title": "SolarWinds Serv-U File Server Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140770"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://packetstormsecurity.com/files/161400/solarwinds-serv-u-ftp-server-15.2.1-cross-site-scripting.html"
          },
          {
            "trust": 1.7,
            "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-2_release_notes.htm"
          },
          {
            "trust": 1.7,
            "url": "https://www.themissinglink.com.au/security-advisories-cve-2020-28001"
          },
          {
            "trust": 1.6,
            "url": "http://seclists.org/fulldisclosure/2021/feb/37"
          },
          {
            "trust": 1.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28001"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-03-07T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "date": "2021-02-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "date": "2021-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "date": "2021-02-03T16:15:13.353000",
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-03-07T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          },
          {
            "date": "2021-02-25T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-28001"
          },
          {
            "date": "2021-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          },
          {
            "date": "2024-11-21T05:22:10.800000",
            "db": "NVD",
            "id": "CVE-2020-28001"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SolarWinds Serv-U File Server cross-site scripting vulnerability (CNVD-2021-14808)",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-14808"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202102-306"
          }
        ],
        "trust": 0.6
      }
    }