High-Severity Vulnerability in SolarWinds Serv-U File Servers

Published on 10 Jun 2024

SolarWinds has released security updates addressing a high severity vulnerability (CVE-2024-28995) affecting their Serv-U File Server products.

Successful exploitation of the directory traversal vulnerability could allow an unauthenticated attacker to access sensitive files on the victims' machines.

The vulnerability affects version SolarWinds Serv-U version 15.4.2 HF 1 and earlier.

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2024-28995

https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995

https://www.helpnetsecurity.com/2024/06/07/cve-2024-28995/