High-Risk Path Traversal in SolarWinds Serv-U


The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures.

Serv-U server is a solution that provides a secure file transfer facility and control inside and outside the organization. Identified as CVE-2024-28995, SolarWinds Serv-U 15.4.2 HF 1 and previous versions allow an unauthenticated threat actor to access local files remotely, earning a high CVSS score of 8.6. On account of multiple reports of in-the-wild exploitation of the vulnerability, the users are strongly encouraged to upgrade their instances to the latest fixed version SolarWinds Serv-U 15.4.2 HF 2, as mentioned by the vendor in the advisory.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks In Internet Shortcut File To Lure Victims (CVE-2024-38112)

    July 9, 2024

    Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users for remote code execution. Specifically, the attackers used special Windows Internet Shortcut files (.url extension name), which, when clicked, would call the retired Internet Explorer (IE) to visit the attacker-controlled URL. An additional trick on IE ...

  • July Patch Tuesday Unleashes a Torrent of Updates

    July 9, 2024

    With the information security industry’s two largest conferences (Black Hat Briefings and Def Con) set to happen in less than a month, Microsoft pulled out all the stops and, for July, nearly tripled the number of patches they released in June for problems discovered in Windows, Office, and software that runs under various server and ...

  • Millions of iOS apps could have been hit by cyberattack due to a worrying flaw

    July 3, 2024

    A key tool used primarily in iOS and macOS app development was vulnerable in a way that opened up millions of Mac apps to supply chain attacks, experts have warned. Cybersecurity researchers EVA Information Security claim a dependency manager for Swift and Objective-C projects called CocoaPods, carried three vulnerabilities in a “trunk” server used to manage ...

  • High-Risk Path Traversal in SolarWinds Serv-U

    July 3, 2024

    The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures. Serv-U server is a solution that provides a secure file transfer facility and control inside and outside the organization. Identified as CVE-2024-28995, SolarWinds Serv-U 15.4.2 HF 1 and previous versions allow an ...

  • Vulnerabilities in PanelView Plus devices could lead to remote code execution

    July 2, 2024

    Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device. The ...

  • Cisco Releases Advisory for Exploited Vulnerability in NX-OS software

    July 2, 2024

    Cisco has released a security advisory for a vulnerability in the command line interface (CLI) of the NX-OS software in Nexus series switches, which are modular and fixed port network switches designed for data centres. The command injection vulnerability known as CVE-2024-20399 has a CVSSv3 score of 6.0 and is rated at Medium by Cisco. An ...