Systems running Serv-U 15.2.3 HF1 and prior, Including
● Serv-U Managed File Transfer Server
● Serv-U Secured FTP
An attacker could leverage this vulnerability to gain access to the server running Serv-U and gain access to other devices in the same network.
A successful exploit of this vulnerability allows an attacker to run arbitrary codes with privileges and then allow the attacker to install programs, view, change, or delete data on the affected system.
● Executing unwanted applications
● Manipulation of the data
● Update the Serv-U version to 5.2.3 HF2 immediately
● Disable the Serv-U until applying the patch (Note- This may impact existing business functions and should be implemented after proper assessment)
The information provided herein is on an "as is" basis, without warranty of any kind.