logo

CVE-2024-28995 - SolarWinds Serv-U Path Traversal Vulnerability

CVE-2024-28995

SolarWinds | Serv-U

  • Date Added:
  • 2024-07-17
  • Due Date:
  • 2024-08-07
Vulnerability Name

SolarWinds Serv-U Path Traversal Vulnerability

Description

SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995; https://nvd.nist.gov/vuln/detail/CVE-2024-28995
Related News Articles

Free security scan for your website