Security Advisory

CVE-2025-40549

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-18 08:41:24

Last updated 2026-02-26 16:56:45

Assigner SolarWinds

State PUBLISHED

Description

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled.

← Browse all CVEs View on cve.org ↗