CVE-2011-4800

Serv-U File Server < 11.1.0.5 - Authenticated Path Traversal via Dot-Dot-Colon-Slash Sequence

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4800. PoCs published by kingcope.

AI-analyzed exploit summary: This exploit demonstrates a directory traversal vulnerability in Serv-U FTP Server versions prior to 11.1.0.5, allowing unauthorized access to files outside the intended directory structure. The PoC shows how an attacker can escape the FTP jail using path manipulation techniques.

Description

Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by kingcope · text · remote · windows
https://www.exploit-db.com/exploits/18182

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Serv-U FTP Server (versions prior to 11.1.0.5)
Auth required
Prerequisites: Access to an affected Serv-U FTP Server · Valid FTP credentials (even anonymous)
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Various Sources x_refsource_confirm
http://www.serv-u.com/releasenotes/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47021
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18182

Scores

EPSS 0.0838
EPSS Percentile 94.2%

Details

CWE: CWE-22
Status: published
Products (50)
solarwinds/serv-u_file_server 3.0.0.16
solarwinds/serv-u_file_server 3.0.0.17
solarwinds/serv-u_file_server 3.1.0.0
solarwinds/serv-u_file_server 3.1.0.1
solarwinds/serv-u_file_server 3.1.0.3
solarwinds/serv-u_file_server 4.0.0.4
solarwinds/serv-u_file_server 4.1.0.0
solarwinds/serv-u_file_server 4.1.0.3
solarwinds/serv-u_file_server 5.0.0.0
solarwinds/serv-u_file_server 5.0.0.4
... and 40 more
Published Dec 14, 2011
Tracked Since Feb 18, 2026