Solarwinds Sftp/scp Server — known CVE vulnerabilities
Every CVE whose affected-product data names Solarwinds Sftp/scp Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-16791 — CVSS 9.8 (critical): In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an…
CVE-2018-16792 — CVSS 9.1 (critical): SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an…