Active Exploitation of SolarWinds Serv-U Flaw for Accessing Private Data
Active Exploitation of SolarWinds Serv-U Flaw for Accessing Private Data
Summary:
Threat actors are actively exploiting a critical path-traversal vulnerability, CVE-2024-28995, in SolarWinds Serv-U. By leveraging publicly available proof-of-concept (PoC) exploits, attackers can successfully exploit this vulnerability, allowing unauthenticated access to read sensitive files on the target server.
Threat Level – Red | Vulnerability Report
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.