Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Execute Command Function Allows Remote Code Execution (RCE)Vulnerability
Vulnerability Description
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
SolarWinds Serv-U File Server 安全漏洞
Vulnerability Description
SolarWinds Serv-U FTP Server是美国SolarWinds公司的一套FTP和MFT文件传输软件。 SolarWinds Serv-U File Server 存在安全漏洞,该漏洞源于。Server - u File Server允许通过执行命令来审计用户登录失败等事件。该命令可以提供用户字符串变量形式的参数,从而允许远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A