Serv-u FTP Server < 15.1.7 local authority enhancement vulnerability

Summary

Serv-u is an award winning FTP Server software developed by Rob Beckers, full name: serv-u FTP Server, it is powerful and easy to use.Serv-u is not only 100% compliant with common FTP standards, but also includes a number of unique features that provide the perfect solution for file sharing for every user.

There is a local authority enhancement vulnerability in SolarWinds serv-u 15.1.7 and earlier that can be used by authenticated remote non-privileged attackers to perform privileged operations in the Web administration interface.


Solution

At present, the manufacturer has issued an update patch to fix the vulnerability, and the patch gets the link:

https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-1-7_release_notes.htm