Posted by Jack Misiura via Fulldisclosure on Feb 11
Title: Path traversal
Product: SolarWinds Serv-U FTP Server
Vendor Homepage: https://www.solarwinds.com/
Vulnerable Version: 15.2.1 and lower
Fixed Version: 15.2.2
CVE Number: CVE-2020-27994
Author: Jack Misiura from The Missing Link
Website: https://www.themissinglink.com.au
Timeline:
2020-10-28 Disclosed to Vendor
2021-01-21 Vendor releases patched version
2021-08-02 Publication
1. Vulnerability Description
SolarWinds Serv-U File…
– Read More – Full Disclosure