Known Vulnerabilities for Serv-u Ftp Server by Solarwinds

Listed below are 10 of the newest known vulnerabilities associated with "Serv-u Ftp Server" by "Solarwinds".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-22428 json SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin)... 4.8 - MEDIUM 2021-05-05 2021-05-17
CVE-2020-15543 json SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. 9.8 - CRITICAL 2020-07-05 2020-07-15
CVE-2020-15542 json SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. 9.8 - CRITICAL 2020-07-05 2020-07-15
CVE-2020-15541 json SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. 9.8 - CRITICAL 2020-07-05 2021-07-21
CVE-2019-19829 json A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different ... 5.4 - MEDIUM 2019-12-18 2019-12-23
CVE-2019-13182 json A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. 5.4 - MEDIUM 2019-12-16 2019-12-18
CVE-2019-13181 json A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. 6.5 - MEDIUM 2019-12-16 2020-08-24
CVE-2019-12181 json A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. 8.8 - HIGH 2019-06-17 2023-01-30
CVE-2018-19999 json The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local user... 7.8 - HIGH 2019-06-07 2019-06-10
CVE-2018-19934 json SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path ... 4.8 - MEDIUM 2019-03-21 2019-03-25
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationSolarwindsServ-u Ftp Server15.2.1
ApplicationSolarwindsServ-u Ftp Server15.2
ApplicationSolarwindsServ-u Ftp Server15.1.7
ApplicationSolarwindsServ-u Ftp Server15.1.6.25
ApplicationSolarwindsServ-u Ftp Server15.1.6
ApplicationSolarwindsServ-u Ftp Server15.1
ApplicationSolarwindsServ-u Ftp Server15.0
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report