Overview
This vulnerability (CVE-2020-27994) affects SolarWinds Serv-U FTP Server versions 15.2.1 and earlier. The issue stems from improper validation of user-supplied input, allowing authenticated users to traverse directory paths using "../" sequences or similar techniques. By exploiting this vulnerability, attackers can bypass directory restrictions and access files outside the designated FTP directories. This could lead to unauthorized access to sensitive system files, configuration files, or other critical data stored on the server. The vulnerability requires authentication, which somewhat limits its exploitation potential, but still presents a significant security risk for organizations using affected versions.
Remediation
To address this vulnerability, organizations should take the following steps:
- Update to SolarWinds Serv-U version 15.2.2 or later, which contains the fix for this vulnerability.
- If immediate updating is not possible, implement the following temporary mitigations:
  - Restrict FTP server access to trusted IP addresses only
  - Implement strong authentication mechanisms and regularly rotate credentials
  - Monitor FTP server logs for suspicious access patterns or unusual file access requests
  - Consider using a network-level firewall to further restrict access to the FTP server
- Conduct a security review to determine if the vulnerability has been exploited:
  - Check logs for unusual file access patterns
  - Verify the integrity of critical system files
  - Look for evidence of unauthorized data access or exfiltration
- Review user permissions and implement the principle of least privilege for all FTP accounts
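The overview describes the root cause (a client-supplied path is not confined to the account's FTP directory) and the remediation list asks for log review for unusual file access. The following added example, which is not Serv-U code and not from the advisory, shows both sides: a containment check that maps a requested path onto a per-user root and rejects anything that escapes it, and a scanner that applies the same check to FTP log lines to flag traversal attempts after the fact. The log layout, user names, root directories and file names are all constructed for the illustration; Serv-U's real log format differs. Percent-decoding before the check and treating backslashes as separators are assumptions made so the check stays conservative for a server that may also expose a web front end and run on Windows.

```python
import posixpath
import re
from typing import Dict, List, Optional, Tuple
from urllib.parse import unquote


def resolve_within_root(root: str, requested: str) -> Optional[str]:
    """Map a client-supplied path onto the account's FTP root.

    Returns the normalised absolute path when it stays inside ``root`` (or is
    the root itself), otherwise ``None``.  The comparison is purely string
    based so it is deterministic; on a live server you would additionally
    resolve symlinks (os.path.realpath) before the containment check.
    """
    root_norm = posixpath.normpath(root.replace("\\", "/"))
    # Assumption: decode percent-encoding and treat backslashes as separators
    # so the check is at least as strict as whatever the server does.  The
    # client's path is taken as relative to the root even if it starts with '/'.
    rel = unquote(requested).replace("\\", "/").lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root_norm, rel))
    # The trailing separator matters: a bare prefix test would accept
    # "/srv/ftp/users/alice2/..." as being inside "/srv/ftp/users/alice".
    if candidate == root_norm or candidate.startswith(root_norm + "/"):
        return candidate
    return None


# Constructed sample: per-user FTP roots as a defender would configure them.
ROOTS: Dict[str, str] = {
    "alice": "/srv/ftp/users/alice",
    "bob": "/srv/ftp/users/bob",
    "carol": "/srv/ftp/users/carol",
}

# Constructed sample log in a generic "date time user COMMAND argument" layout.
# This is an illustration only, not Serv-U's actual log format.
SAMPLE_LOG = """\
2021-02-10 09:14:02 alice RETR docs/report.pdf
2021-02-10 09:14:09 alice CWD ../../../shared/config.ini
2021-02-10 09:14:15 bob RETR ..\\..\\config\\settings.ini
2021-02-10 09:14:21 carol RETR %2e%2e/%2e%2e/etc/passwd
2021-02-10 09:14:30 alice RETR docs/../invoices/2021.xlsx
"""

LOG_RE = re.compile(r"^(?P<ts>\S+ \S+) (?P<user>\S+) (?P<cmd>[A-Z]+) (?P<arg>.*)$")


def find_traversal_attempts(log_text: str, roots: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (timestamp, user, argument) for each logged command whose path
    argument would resolve outside that user's configured root."""
    hits: List[Tuple[str, str, str]] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line; a real scanner would count these
        root = roots.get(m["user"])
        if root is None:
            continue  # unknown account; nothing to compare against
        if resolve_within_root(root, m["arg"]) is None:
            hits.append((m["ts"], m["user"], m["arg"]))
    return hits


if __name__ == "__main__":
    for ts, user, arg in find_traversal_attempts(SAMPLE_LOG, ROOTS):
        print(f"{ts} traversal attempt by {user}: {arg!r}")
```

Note that `docs/../invoices/2021.xlsx` is not flagged: `..` is only a problem when the normalised result leaves the root, so the check reasons about the resolved path rather than pattern-matching on the literal `..`. The single `unquote` call does not cover double-encoded input (`%252e`); a scanner meant for real logs should either decode until the string stops changing or treat any remaining `%` in a path as suspicious.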
References
- SolarWinds Serv-U 15.2.2 Release Notes: https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm
- Path Traversal in SolarWinds Serv-U File Server <=15.2.1: http://seclists.org/fulldisclosure/2021/Feb/36
- SolarWinds Serv-U FTP Server 15.2.1 Path Traversal Exploit: http://packetstormsecurity.com/files/161399/SolarWinds-Serv-U-FTP-Server-15.2.1-Path-Traversal.html
- The Missing Link Security Advisory for CVE-2020-27994: https://www.themissinglink.com.au/security-advisories-cve-2020-27994
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory: https://cwe.mitre.org/data/definitions/22.html
Industry Exposure
Most to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Health Care & Social Assistance
- Manufacturing
- Accommodation & Food Services
- Administrative, Support, Waste Management & Remediation Services
- Agriculture, Forestry, Fishing & Hunting
- Arts, Entertainment & Recreation
- Construction
- Educational Services
- Finance and Insurance
- Information
- Management of Companies & Enterprises
- Mining
- Other Services (except Public Administration)
- Professional, Scientific, & Technical Services
- Public Administration
- Real Estate Rental & Leasing
- Retail Trade
- Transportation & Warehousing
- Utilities
- Wholesale Trade