Directory Traversal Vulnerability in Serv-U FTP Server by Serv-U Technologies
CVE-2011-4800

Currently unrated

Key Information:

Vendor

Solarwinds
Status
Serv-u File Server
Vendor
CVE Published:
14 December 2011

What is CVE-2011-4800?

A directory traversal vulnerability exists in the Serv-U FTP Server prior to version 11.1.0.5, allowing authenticated remote users to exploit the system. By sending specially crafted commands using the '..:/' sequence, attackers can gain unauthorized access to files and directories. This vulnerability not only permits the reading and writing of arbitrary files but also allows the listing and creation of directories, significantly compromising the security of the affected system.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC
http://secunia.com/advisories/47021
third-party-advisoryx_refsource_SECUNIA
http://www.serv-u.com/releasenotes/
x_refsource_CONFIRM

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.