Vulnerability identifier: #VU49924
Vulnerability risk: Medium
CVSSv3.1: 7.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-22
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Orion Platform
Server applications /
Remote management servers, RDP, SSH
Orion Network Performance Monitor
Web applications /
Other software
Vendor: SolarWinds
Description
The vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within VulnerabilitySettings.aspx in SolarWinds Network Performance Monitor. A remote user can send a specially crafted HTTP request and create arbitrary files on the system in arbitrary directories.
Successful exploitation of the vulnerability can lead to arbitrary code execution in the context of SYSTEM account.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Orion Platform: 2019.2 - 2020.2.1 HF 1
Orion Network Performance Monitor: 2019.4 - 2020.2 Hotfix 1
External links
http://www.zerodayinitiative.com/advisories/ZDI-21-067/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.