CVE-2024-28995

SolarWinds Serv-U Path Traversal Vulnerability

SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine. Vendor/Product: SolarWinds Serv-U. Added to CISA KEV 2024-07-17; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2024-28995