Serv-U MFT
by SolarWinds
CVEs (39)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-35211 | Cri | 0.84 | 9.0 | 0.91 | KEV | Jul 14, 2021 | Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File… | |
| CVE-2024-28995 | Hig | 0.79 | 8.6 | 1.00 | KEV | Jun 6, 2024 | SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | |
| CVE-2019-12181 | Hig | 0.65 | 8.8 | 0.66 | Jun 17, 2019 | A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. | ||
| CVE-2020-35481 | Cri | 0.64 | 9.8 | 0.01 | Feb 3, 2021 | SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection. | ||
| CVE-2026-28318 | Hig | 0.61 | 7.5 | 0.11 | KEV | Jun 4, 2026 | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the… | |
| CVE-2025-40549 | Cri | 0.59 | 9.1 | 0.01 | Nov 18, 2025 | A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium… | ||
| CVE-2025-40548 | Cri | 0.59 | 9.1 | 0.01 | Nov 18, 2025 | A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services… | ||
| CVE-2025-40547 | Cri | 0.59 | 9.1 | 0.01 | Nov 18, 2025 | A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because… | ||
| CVE-2019-12769 | Hig | 0.57 | 8.8 | 0.01 | Mar 18, 2020 | SolarWinds Serv-U Managed File Transfer (MFT) Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters. | ||
| CVE-2024-28073 | Hig | 0.55 | 8.4 | 0.01 | Apr 17, 2024 | SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited. | ||
| CVE-2021-35245 | Hig | 0.55 | 8.4 | 0.01 | Dec 6, 2021 | When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine. | ||
| CVE-2021-35223 | Hig | 0.55 | 8.5 | 0.03 | Aug 31, 2021 | The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution. | ||
| CVE-2021-35242 | Hig | 0.54 | 8.3 | 0.01 | Dec 6, 2021 | Serv-U server responds with valid CSRFToken when the request contains only Session. | ||
| CVE-2021-35250 | Hig | 0.50 | 7.5 | 0.14 | Apr 25, 2022 | A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. | ||
| CVE-2024-45711 | Hig | 0.49 | 7.5 | 0.06 | Oct 16, 2024 | SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are… | ||
| CVE-2023-23841 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2023 | SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. | ||
| CVE-2021-3154 | Hig | 0.49 | 7.5 | 0.01 | May 4, 2021 | An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481. | ||
| CVE-2018-10240 | Hig | 0.48 | 7.3 | 0.01 | May 16, 2018 | SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the… | ||
| CVE-2023-40060 | Hig | 0.47 | 7.2 | 0.01 | Sep 7, 2023 | A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the… | ||
| CVE-2023-35179 | Hig | 0.47 | 7.2 | 0.01 | Aug 11, 2023 | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. |
- risk 0.84cvss 9.0epss 0.91
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File…
- risk 0.79cvss 8.6epss 1.00
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
- risk 0.65cvss 8.8epss 0.66
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
- risk 0.64cvss 9.8epss 0.01
SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.
- risk 0.61cvss 7.5epss 0.11
SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the…
- risk 0.59cvss 9.1epss 0.01
A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium…
- risk 0.59cvss 9.1epss 0.01
A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services…
- risk 0.59cvss 9.1epss 0.01
A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because…
- risk 0.57cvss 8.8epss 0.01
SolarWinds Serv-U Managed File Transfer (MFT) Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters.
- risk 0.55cvss 8.4epss 0.01
SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.
- risk 0.55cvss 8.4epss 0.01
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.
- risk 0.55cvss 8.5epss 0.03
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.
- risk 0.54cvss 8.3epss 0.01
Serv-U server responds with valid CSRFToken when the request contains only Session.
- risk 0.50cvss 7.5epss 0.14
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
- risk 0.49cvss 7.5epss 0.06
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are…
- risk 0.49cvss 7.5epss 0.00
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.
- risk 0.48cvss 7.3epss 0.01
SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the…
- risk 0.47cvss 7.2epss 0.01
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the…
- risk 0.47cvss 7.2epss 0.01
A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action.
Page 1 of 2