Vulnerabilities > CVE-2018-15906 - Unspecified vulnerability in Solarwinds Serv-U FTP Server 15.1.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/151473/solarwinds1516-escalate.txt |
| id | PACKETSTORM:151473 |
| last seen | 2019-02-02 |
| published | 2019-02-02 |
| reporter | Chris Moberly |
| source | https://packetstormsecurity.com/files/151473/SolarWinds-Serv-U-FTP-15.1.6-Privilege-Escalation.html |
| title | SolarWinds Serv-U FTP 15.1.6 Privilege Escalation |
References
- http://packetstormsecurity.com/files/151473/SolarWinds-Serv-U-FTP-15.1.6-Privilege-Escalation.html
- http://packetstormsecurity.com/files/151473/SolarWinds-Serv-U-FTP-15.1.6-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2019/Feb/4
- http://seclists.org/fulldisclosure/2019/Feb/4
- http://www.securityfocus.com/bid/106844
- http://www.securityfocus.com/bid/106844