Remote Code Execution Vulnerability in Serv-U File Server

Remote Code Execution Vulnerability in Serv-U File Server

CVE-2021-35223 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.

Learn more about our Cis Benchmark Audit For Server Software.