### [CVE-2021-35211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35211)
![](https://img.shields.io/static/v1?label=Product&message=Serv-U%20Managed%20File%20Transfer%20Server%20and%20Serv-U%20Secured%20FTP&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=SolarWinds%20Serv-U%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20Escape%20Vulnerability%20in%20Solarwinds%20Serv-U&color=brightgreen)

### Description

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

### POC

#### Reference
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211

#### Github
- https://github.com/0xhaggis/CVE-2021-35211
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BishopFox/CVE-2021-35211
- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NattiSamson/Serv-U-CVE-2021-35211
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Panopticon-Project/panopticon-TA505
- https://github.com/SYRTI/POC_to_review
- https://github.com/WhooAmii/POC_to_review
- https://github.com/k0imet/CVE-POCs
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/trhacknon/Pocingit
- https://github.com/zecool/cve