13 matches found
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Exploit Title: SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal Date: 2025-05-28 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.solarwinds.com/serv-u-managed-file-transfer-server Software Link:...
SolarWinds Serv-U Unauthenticated Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds Serv-U Unauthenticated Arbitrary File Read', 'Description' = %q This module exploits an unauthenticated file read vulnerability, due t...
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem Cisco SSM On-Prem that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 Automated Path Traversal & Local File Read...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995-SolarWinds-Serv-U SolarWinds Serv-U File Serv...
SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 CVSS score: 8.6, concerns a directory transversal bug that could allow attackers to read sensitive fil...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 PoC and Bulk Scanner Overview This reposit...
Exploit for Path Traversal in Solarwinds Serv-U
Exploit For CVE-2024-28995 On June 5, 2024, SolarWinds publi...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 Nuclei Template Checks for directory traversal...
CVE-2024-28995
creationtimestamp| type| source ---|---|--- 2024-06-14 04:14:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7647 2024-06-14 08:12:01+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7651 2024-06-14 09:48:38+00:00| published-proof-of-concept|...
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting their Serv-U file transfer server, which comes in two editions Serv-U FTP and Serv-U MFT. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensiti...
SolarWinds Serv-U < 15.4.2 HF2
The version of SolarWinds Serv-U installed on the remote host is prior to 15.4.2 HF2. It is, therefore, affected by a vulnerability as referenced in the solarwindsserv-u1542hf2 advisory. - SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read...
CVE-2024-28995
CVE-2024-28995 is a directory traversal vulnerability in SolarWinds Serv-U that allows unauthenticated attackers to read sensitive host files. The flaw affects Serv-U and can be triggered via crafted directory/file paths (e.g., using InternalDir/InternalFile payloads) to access local logs and sys...