CNNVD-202511-2103 Information

CNNVD ID

CNNVD-202511-2103

Related CVE

CVE-2025-40549

• CNNVD Published: 2025-11-18

Description (Chinese)

SolarWinds Serv-U是美国SolarWinds公司的一款 FTP（文件传输协议）服务器软件。 SolarWinds Serv-U存在路径遍历漏洞，该漏洞源于路径限制绕过，可能导致管理员权限的攻击者在目录中执行代码。

Description (English)

SolarWinds Serv-U is a FTP (document transfer protocol) server software from SolarWinds, United States. SolarWinds Serv-U has a loophole in its path, which stems from the route restriction bypassing, which may result in the assailant of the administrator ’ s permission to execute the code in the directory.

Hazard Level

Low

Vulnerability Type

路径遍历

Affected Vendor

SolarWinds

Published

2025-11-18

Last Modified

2026-02-24

References

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40549

Patch

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-3_release_notes.htm