Serv U
by Rhinosoft
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-35211 | | | 0.26 | — | 0.91 | KEV | Jul 14, 2021 | Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File… |
| CVE-2024-28995 | | | 0.23 | — | 1.00 | KEV | Jun 6, 2024 | SolarWinds Serv-U was susceptible to a directory traversal vulnerability that would allow access to read sensitive files on the host machine. |
| CVE-2021-35247 | | | 0.12 | — | 0.03 | KEV | Jan 7, 2022 | Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream effect has been detected as the LDAP servers… |
| CVE-2009-4006 | | | 0.10 | — | 0.83 | | Nov 20, 2009 | Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. |
| CVE-2004-2111 | | | 0.10 | — | 0.87 | | Dec 31, 2004 | Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. |
| CVE-2004-0330 | | | 0.10 | — | 0.85 | | Nov 23, 2004 | Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. |
| CVE-2021-35250 | | | 0.06 | — | 0.14 | | Apr 25, 2022 | A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. |
| CVE-2009-4873 | | | 0.05 | — | 0.21 | | May 26, 2010 | Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie. |
| CVE-1999-0838 | | | 0.03 | — | 0.02 | | Dec 1, 1999 | Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. |
| CVE-2024-45711 | | | 0.01 | — | 0.06 | | Oct 16, 2024 | SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are… |
| CVE-2025-40541 | | | 0.00 | — | 0.01 | | Feb 24, 2026 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is… |
| CVE-2025-40539 | | | 0.00 | — | 0.00 | | Feb 24, 2026 | A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium… |
| CVE-2025-40538 | | | 0.00 | — | 0.01 | | Feb 24, 2026 | A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative… |
| CVE-2025-40549 | | | 0.00 | — | 0.01 | | Nov 18, 2025 | A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium… |
| CVE-2025-40547 | | | 0.00 | — | 0.01 | | Nov 18, 2025 | A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because… |
| CVE-2024-45712 | | | 0.00 | — | 0.00 | | Apr 15, 2025 | SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low. |
| CVE-2024-28073 | | | 0.00 | — | 0.01 | | Apr 17, 2024 | SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited. |
| CVE-2023-40060 | | | 0.00 | — | 0.01 | | Sep 7, 2023 | A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the… |
| CVE-2023-35179 | | | 0.00 | — | 0.01 | | Aug 10, 2023 | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. |
| CVE-2023-23841 | | | 0.00 | — | 0.00 | | Jun 15, 2023 | SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. |
Page 1 of 2