.. / CVE-2024-28995

Exploit for SolarWinds Serv-U - Directory Traversal (CVE-2024-28995)

Description:

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.

Nuclei Template

View the template here CVE-2024-28995.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-28995.yaml
Copy

References:

https://x.com/stephenfewer/status/1801191416741130575
https://nvd.nist.gov/vuln/detail/CVE-2024-28995
https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis