Cybersecurity Alerts

SolarWinds Serv-U Path Traversal Vulnerability

SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weakness Classification

CWE-22

References

• https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
• https://nvd.nist.gov/vuln/detail/CVE-2024-28995