all InfoSec news
A Vulnerability in SolarWinds Serv-U Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered in SolarWinds Serv-U, which could result in remote code execution. SolarWinds Serv-U is an FTP server software for secure file transfer. Successful exploitation of this vulnerability could allow for remote code execution within the context of a privileged process. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer …
code code execution remote code execution serv-u solarwinds vulnerability