Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-35211
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Serv-U Remote Memory Escape Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SolarWinds Serv-U FTP Server 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SolarWinds Serv-U FTP Server是美国SolarWinds公司的一套FTP和MFT文件传输软件。 SolarWinds Serv-U FTP Server 存在缓冲区错误漏洞,该漏洞源于边界错误而存在漏洞。攻击者可利用该漏洞向server - u服务器发送专门设计的请求,触发内存损坏并在目标系统上执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
SolarWindsServ-U Managed File Transfer Server and Serv-U Secured FTP SolarWinds Serv-U ~ 15.2.3 HF1 -
II. Public POCs for CVE-2021-35211
#POC DescriptionSource LinkShenlong Link
1Simple Serv-U CVE-2021-35211 PoChttps://github.com/NattiSamson/Serv-U-CVE-2021-35211POC Details
2Serv-U-FTP CVE-2021-35211 exploithttps://github.com/0xhaggis/CVE-2021-35211POC Details
3Nonehttps://github.com/BishopFox/CVE-2021-35211POC Details
4SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 contain a remote memory escape caused remote code execution vulnerability, letting attackers gain privileged access, exploit requires remote attacker to send crafted memory operations. https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2021/CVE-2021-35211.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-35211
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same vendor: SolarWinds
V. Comments for CVE-2021-35211

No comments yet

Leave a comment