Vulnerabilities > CVE-2019-13181 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Solarwinds Serv-U FTP Server 15.1.7
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/155673/servuftpcsv-inject.txt |
| id | PACKETSTORM:155673 |
| last seen | 2019-12-16 |
| published | 2019-12-16 |
| reporter | Richard Tan |
| source | https://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html |
| title | Serv-U FTP Server 15.1.7 CSV Injection |
References
- http://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html
- http://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html
- http://seclists.org/fulldisclosure/2019/Dec/33
- http://seclists.org/fulldisclosure/2019/Dec/33
- https://www.themissinglink.com.au/security-advisories-cve-2019-13181
- https://www.themissinglink.com.au/security-advisories-cve-2019-13181