CVE-2004-2532

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0520%

EPSS Percentile44.46th

PublishedDec 31, 2004

Last ModifiedApr 16, 2026

Vulnerability Description

Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command.

Affected Platforms (CPE)

📦

Solarwinds

Serv U File Server

<= 5.0.0.11

📦

Solarwinds

Serv U File Server

= 3.0.0.16

📦

Solarwinds

Serv U File Server

= 3.0.0.17

📦

Solarwinds

Serv U File Server

= 3.1.0.0

📦

Solarwinds

Serv U File Server

= 3.1.0.1

📦

Solarwinds

Serv U File Server

= 3.1.0.3

📦

Solarwinds

Serv U File Server

= 4.0.0.4

📦

Solarwinds

Serv U File Server

= 4.1.0.0

📦

Solarwinds

Serv U File Server

= 4.1.0.3

📦

Solarwinds

Serv U File Server

= 5.0.0.0

📦

Solarwinds

Serv U File Server

= 5.0.0.4

📦

Solarwinds

Serv U File Server

= 5.0.0.9

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0216.html

🔗 http://www.osvdb.org/8877

🔗 http://www.securityfocus.com/bid/10886

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16925

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0216.html

🔗 http://www.osvdb.org/8877

🔗 http://www.securityfocus.com/bid/10886

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16925

Vulnerability Description

Affected Platforms (CPE)

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

Serv U File Server

References & Advisories

Related Vulnerabilities