CVE-2001-0054
SolarWinds Serv-U File Server - Path Traversal via CD Command
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0054. PoCs published by Zoa_Chien.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in FTP Serv-U, allowing authenticated users to access files outside their home directory by using specially crafted GET requests with encoded path traversal sequences.
Description
Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in FTP Serv-U, allowing authenticated users to access files outside their home directory by using specially crafted GET requests with encoded path traversal sequences.