CVE-2015-5371

SolarWinds Storage Manager - Remote Code Execution via Script Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-5371. Includes Metasploit module exploits/multi/http/solarwinds_store_manager_auth_filter.

AI-analyzed exploit summary This Metasploit module exploits an authentication bypass vulnerability in SolarWinds Storage Manager, allowing unauthenticated file upload and remote code execution via JSP payloads. It targets versions up to 5.7.1 by leveraging a path traversal flaw in the AuthenticationFilter.

Description

The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/solarwinds_store_manager_auth_filter.rb

View Code ZIP pw:eip

This Metasploit module exploits an authentication bypass vulnerability in SolarWinds Storage Manager, allowing unauthenticated file upload and remote code execution via JSP payloads. It targets versions up to 5.7.1 by leveraging a path traversal flaw in the AuthenticationFilter.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SolarWinds Storage Manager <= 5.7.1

No auth needed

Prerequisites: Network access to port 9000 · Target running vulnerable SolarWinds Storage Manager

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-15-275/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/75515

Scores

EPSS 0.9316

EPSS Percentile 99.8%

Details

Status published

Products (1)

solarwinds/storage_manager

Published Jul 06, 2015

Tracked Since Feb 18, 2026