Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Serv-U — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in Serv-U, with AI-generated Chinese analysis, references, and POCs.

Vendor: SolarWinds

CVE IDTitleCVSSSeverityPublished
CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability CWE-704 9.1 Critical2026-02-24
CVE-2025-40540 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability CWE-704 9.1 Critical2026-02-24
CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability CWE-704 9.1 Critical2026-02-24
CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability CWE-269 9.1 Critical2026-02-24
CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability CWE-22 9.1 Critical2025-11-18
CVE-2025-40548 SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability CWE-269 9.1 Critical2025-11-18
CVE-2025-40547 SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability CWE-116 9.1 Critical2025-11-18
CVE-2024-45712 SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability CWE-79 2.6 Low2025-04-15
CVE-2024-45711 SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability CWE-22 7.5 High2024-10-16
CVE-2024-45714 SolarWinds Serv-U Stored XSS Vulnerability CWE-79 4.8 Medium2024-10-16
CVE-2024-28072 Arbitrary File Overwrite Vulnerability CWE-532 5.7 Medium2024-05-03
CVE-2023-40053 HTML injection Vulnerability in Serv-U 15.4 CWE-20 5.0 Medium2023-12-06
CVE-2023-40060 2FA/MFA Bypass Vulnerability in Serv-U 15.4 and 15.4 Hotfix 1 CWE-284 7.2 High2023-09-07
CVE-2021-35249 Domain Admin Broken Access Control CWE-284 4.3 Medium2022-05-17
CVE-2021-35250 Directory Transversal Vulnerability in Serv-U 15.3 CWE-22 7.5 High2022-04-25
CVE-2021-35247 Improper Input Validation Vulnerability in Serv-U CWE-20 4.3 Medium2022-01-07
CVE-2021-35223 Execute Command Function Allows Remote Code Execution (RCE)Vulnerability CWE-20 8.5 High2021-08-31

All 17 known CVE vulnerabilities affecting Serv-U with full Chinese analysis, references, and POCs where available.