Lucene search
K

13 matches found

Exploit DB
Exploit DB
added 2025/05/29 12:0 a.m.357 views

SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal

Exploit Title: SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal Date: 2025-05-28 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.solarwinds.com/serv-u-managed-file-transfer-server Software Link:...

8.6CVSS7.3AI score0.99614EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.151 views

SolarWinds Serv-U Unauthenticated Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds Serv-U Unauthenticated Arbitrary File Read', 'Description' = %q This module exploits an unauthenticated file read vulnerability, due t...

8.6CVSS7.3AI score0.99614EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/07/18 6:1 a.m.65 views

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem Cisco SSM On-Prem that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked...

10CVSS10AI score0.99994EPSS
Exploits39
GithubExploit
GithubExploit
added 2024/07/01 11:49 a.m.528 views

Exploit for Path Traversal in Solarwinds Serv-U

CVE-2024-28995 Automated Path Traversal & Local File Read...

8.6CVSS8.7AI score0.99614EPSS
Exploits9
GithubExploit
GithubExploit
added 2024/06/26 10:51 a.m.419 views

Exploit for Path Traversal in Solarwinds Serv-U

CVE-2024-28995-SolarWinds-Serv-U SolarWinds Serv-U File Serv...

8.6CVSS6.9AI score0.99614EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/06/21 8:54 a.m.51 views

SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately

A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 CVSS score: 8.6, concerns a directory transversal bug that could allow attackers to read sensitive fil...

8.6CVSS6.8AI score0.99614EPSS
Exploits8
GithubExploit
GithubExploit
added 2024/06/14 11:5 p.m.586 views

Exploit for Path Traversal in Solarwinds Serv-U

CVE-2024-28995 PoC and Bulk Scanner Overview This reposit...

8.6CVSS8.7AI score0.99614EPSS
Exploits8
GithubExploit
GithubExploit
added 2024/06/14 8:4 a.m.453 views

Exploit for Path Traversal in Solarwinds Serv-U

Exploit For CVE-2024-28995 On June 5, 2024, SolarWinds publi...

8.6CVSS8.8AI score0.99614EPSS
Exploits8
GithubExploit
GithubExploit
added 2024/06/14 8:1 a.m.111 views

Exploit for Path Traversal in Solarwinds Serv-U

CVE-2024-28995 Nuclei Template Checks for directory traversal...

8.6CVSS9.7AI score0.99614EPSS
Exploits8
Circl
Circl
added 2024/06/14 4:14 a.m.15 views

CVE-2024-28995

creationtimestamp| type| source ---|---|--- 2024-06-14 04:14:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7647 2024-06-14 08:12:01+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7651 2024-06-14 09:48:38+00:00| published-proof-of-concept|...

8.6CVSS7.1AI score0.99614EPSS
In wildExploits8References33
Rapid7 Blog
Rapid7 Blog
added 2024/06/11 2:25 p.m.49 views

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting their Serv-U file transfer server, which comes in two editions Serv-U FTP and Serv-U MFT. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensiti...

8.6CVSS7.8AI score0.99614EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.38 views

SolarWinds Serv-U < 15.4.2 HF2

The version of SolarWinds Serv-U installed on the remote host is prior to 15.4.2 HF2. It is, therefore, affected by a vulnerability as referenced in the solarwindsserv-u1542hf2 advisory. - SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read...

8.6CVSS6AI score0.99614EPSS
Exploits8References2
CVE
CVE
added 2024/06/06 9:1 a.m.426 views

CVE-2024-28995

CVE-2024-28995 is a directory traversal vulnerability in SolarWinds Serv-U that allows unauthenticated attackers to read sensitive host files. The flaw affects Serv-U and can be triggered via crafted directory/file paths (e.g., using InternalDir/InternalFile payloads) to access local logs and sys...

8.6CVSS5.8AI score0.99614EPSS
In wildExploits8References2Affected Software1
Rows per page
Query Builder