CVE-2019-13181
First published: Mon Dec 16 2019(Updated: )
A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Solarwinds Serv-u Ftp Server | =15.1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the CSV injection vulnerability in SolarWinds Serv-U FTP Server v15.1.7?
The vulnerability ID for the CSV injection vulnerability in SolarWinds Serv-U FTP Server v15.1.7 is CVE-2019-13181.
What is the severity of CVE-2019-13181?
The severity of CVE-2019-13181 is medium with a CVSS score of 6.5.
How does the CSV injection vulnerability work?
The CSV injection vulnerability allows an attacker to inject malicious commands into a CSV file, which can lead to the execution of arbitrary code or actions.
How can I fix the CSV injection vulnerability in SolarWinds Serv-U FTP Server v15.1.7?
To fix the CSV injection vulnerability in SolarWinds Serv-U FTP Server v15.1.7, it is recommended to upgrade to a patched version or apply the necessary security updates provided by SolarWinds.
Where can I find more information about CVE-2019-13181?
More information about CVE-2019-13181 can be found on the following references: [1](http://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html), [2](http://seclists.org/fulldisclosure/2019/Dec/33), [3](https://www.themissinglink.com.au/security-advisories-cve-2019-13181)
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/solarwinds
- canonical/solarwinds serv-u ftp server
- version/solarwinds serv-u ftp server/15.1.7