Directory Traversal Vulnerability in Serv-U FTP Server by Serv-U Technologies
CVE-2011-4800

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 14 December 2011

Summary

A directory traversal vulnerability exists in the Serv-U FTP Server prior to version 11.1.0.5, allowing authenticated remote users to exploit the system. By sending specially crafted commands using the '..:/' sequence, attackers can gain unauthorized access to files and directories. This vulnerability not only permits the reading and writing of arbitrary files but also allows the listing and creation of directories, significantly compromising the security of the affected system.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

http://secunia.com/advisories/47021

third-party-advisoryx_refsource_SECUNIA

http://www.serv-u.com/releasenotes/

x_refsource_CONFIRM

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 14, 2011