This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote host is running a web application affected by a remote code
The remote host is running a version of SolarWinds Storage Resource
Monitor (formerly SolarWinds Storage Manager) prior to 6.2. It is,
therefore, affected by a remote code execution vulnerability due to
improper sanitization of user-uploaded files by the
ProcessFileUpload.jsp script. An unauthenticated, remote attacker can
exploit this vulnerability to upload malicious PHP scripts, resulting
in the execution of arbitrary code with the privileges of the web
See also :
Upgrade to SolarWinds Storage Manager version 6.2 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true