CVE-2009-1031
Solarwinds Serv-u File Server - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jonathan Salwan · perlremotewindows
https://www.exploit-db.com/exploits/8211
References (6)
Scores
EPSS
0.1482
EPSS Percentile
94.5%
Details
CWE
CWE-22
Status
published
Products (14)
solarwinds/serv-u_file_server
7.0.0.1
solarwinds/serv-u_file_server
7.0.0.2
solarwinds/serv-u_file_server
7.0.0.3
solarwinds/serv-u_file_server
7.0.0.4
solarwinds/serv-u_file_server
7.1.0.0
solarwinds/serv-u_file_server
7.1.0.1
solarwinds/serv-u_file_server
7.1.0.2
solarwinds/serv-u_file_server
7.2.0.0
solarwinds/serv-u_file_server
7.2.0.1
solarwinds/serv-u_file_server
7.3.0.0
... and 4 more
Published
Mar 20, 2009
Tracked Since
Feb 18, 2026