CVE-2018-19999

Local Privilege Escalation via Serv-U FTP Server | The Missing Link

Discovered by Chris Moberly on behalf of The Missing Link Security

Vulnerability Details

The Serv-U FTP Server is vulnerable to authentication bypass leading to privilege escalation in Windows operating environments due to broken access controls. This can only be exploited by users who already have local access to the Serv-U server.

Affected Versions

Vulnerable version: 15.1.6.25 and earlier
Fixed in: 15.1.7

 

Latest News

Living off the land (LotL) Attacks: How cybercriminals exploit your own tools

Living off the land (LotL) Attacks: AI and Machine Learning as your best defence

You’ve chosen a managed IT service provider – what comes next?

See All News