Active Exploitation of SolarWinds Serv-U Flaw for Accessing Private Data

Threat Level – Red | Vulnerability Report
Download PDF

Summary:

Threat actors are actively exploiting a critical path-traversal vulnerability, CVE-2024-28995, in SolarWinds Serv-U. By leveraging publicly available proof-of-concept (PoC) exploits, attackers can successfully exploit this vulnerability, allowing unauthenticated access to read sensitive files on the target server.
 

Threat Level – Red | Vulnerability Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox