Arbitrary Code Execution via SolarWinds Serv-U FTP Server 15.1.6 Import Feature

Arbitrary Code Execution via SolarWinds Serv-U FTP Server 15.1.6 Import Feature

CVE-2018-15906 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.

Learn more about our Cis Benchmark Audit For Server Software.