SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/151473/SolarWinds-Serv-U-FTP-15.1.6-Privilege-Escalation.html | Exploit VDB Entry Third Party Advisory |
http://seclists.org/fulldisclosure/2019/Feb/4 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/106844 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-17T21:34:13
Updated: 2019-03-17T21:34:13
Reserved: 2018-08-27T00:00:00
Link: CVE-2018-15906
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-21T16:00:21.467
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-15906
JSON object: View
Redhat Information
No data.
CWE