📦

ftp_voyager

Vendor: solarwinds

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 19 Total Indexed

Avg. EPSS 0.11% Exploit Prob.

Latest CVE CVE-2018-25252 Apr 04

Security Vulnerability Index

Page 1 / 2

6.9 CVSS

CVE-2018-25252

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP field to trigger a buffer overflow that crashes the FTP Voyager process.

EPSS: 0.04%

Severity: MEDIUM

Apr 04, 2026

8.8 CVSS

CVE-2017-6803

Exploit Found

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) FTP Voyager 16.2.0 allow remote attackers to hijack the authentication of users for requests that (1) change the admin password, (2) terminate the scheduler, or (3) possibly execute arbitrary commands via crafted requests to Admin/XML/Result.xml.

EPSS: 0.18%

Severity: HIGH

Mar 20, 2017

Displaying 2 of 19 Total Entries

1 2

Total 2 Sections