Vendor CVEs
Rhinosoft
All CVEs
30 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-35211 | | | 0.26 | — | 0.91 | KEV | Jul 14, 2021 | Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File… |
| CVE-2024-28995 | | | 0.23 | — | 1.00 | KEV | Jun 6, 2024 | SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. |
| CVE-2021-35247 | | | 0.12 | — | 0.03 | KEV | Jan 7, 2022 | Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers… |
| CVE-2009-4006 | | | 0.10 | — | 0.83 | | Nov 20, 2009 | Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. |
| CVE-2004-2111 | | | 0.10 | — | 0.87 | | Dec 31, 2004 | Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. |
| CVE-2004-0330 | | | 0.10 | — | 0.85 | | Nov 23, 2004 | Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. |
| CVE-2021-35250 | | | 0.06 | — | 0.14 | | Apr 25, 2022 | A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. |
| CVE-2009-4873 | | | 0.05 | — | 0.21 | | May 26, 2010 | Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie. |
| CVE-2007-1079 | | | 0.03 | — | 0.03 | | Feb 22, 2007 | Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. |
| CVE-2004-1691 | | | 0.03 | — | 0.04 | | Sep 18, 2004 | The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. |
| CVE-2004-1939 | | | 0.03 | — | 0.02 | | Apr 14, 2004 | Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter. |
| CVE-1999-0838 | | | 0.03 | — | 0.02 | | Dec 1, 1999 | Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. |
| CVE-2024-45711 | | | 0.01 | — | 0.06 | | Oct 16, 2024 | SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are… |
| CVE-2025-40541 | | | 0.00 | — | 0.01 | | Feb 24, 2026 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is… |
| CVE-2025-40539 | | | 0.00 | — | 0.00 | | Feb 24, 2026 | A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium… |
| CVE-2025-40538 | | | 0.00 | — | 0.01 | | Feb 24, 2026 | A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative… |
| CVE-2025-40549 | | | 0.00 | — | 0.01 | | Nov 18, 2025 | A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium… |
| CVE-2025-40547 | | | 0.00 | — | 0.01 | | Nov 18, 2025 | A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because… |
| CVE-2024-45712 | | | 0.00 | — | 0.00 | | Apr 15, 2025 | SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low. |
| CVE-2024-28073 | | | 0.00 | — | 0.01 | | Apr 17, 2024 | SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited. |
| CVE-2023-40060 | | | 0.00 | — | 0.01 | | Sep 7, 2023 | A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the… |
| CVE-2023-35179 | | | 0.00 | — | 0.01 | | Aug 10, 2023 | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. |
| CVE-2023-23841 | | | 0.00 | — | 0.00 | | Jun 15, 2023 | SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. |
| CVE-2021-35252 | | | 0.00 | — | 0.01 | | Dec 16, 2022 | Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext. |
| CVE-2021-35249 | | | 0.00 | — | 0.01 | | May 17, 2022 | This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a… |
| CVE-2021-35245 | | | 0.00 | — | 0.01 | | Dec 6, 2021 | When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine. |
| CVE-2010-4154 | | | 0.00 | — | 0.02 | | Nov 3, 2010 | Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. |
| CVE-2004-1690 | | | 0.00 | — | 0.01 | | Sep 18, 2004 | Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. |
| CVE-2001-1463 | | | 0.00 | — | 0.03 | | Nov 19, 2001 | The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords. |
| CVE-2001-1103 | | | 0.00 | — | 0.02 | | Mar 3, 2001 | FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. |