[POC] CVE-2024-28995 Directory Traversal Vulnerability affecting SolarWinds Serv-U

by Unethical - Monday June 17, 2024 at 04:30 PM

Unethical

MVP User

Posts: 37

Threads: 6

Joined: May 2024

Reputation: 79

06-17-2024, 04:30 PM (This post was last modified: 06-17-2024, 04:31 PM by Unethical.)

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.

POC: https://github.com/rapid7/metasploit-fra...pull/19255

Search Query:

Hunter: protocol.banner="Serv-U FTP"
FOFA: app="SolarWinds-Serv-U-FTP"
SHODAN: product:"Serv-U ftpd"

This is not my work, just thought I would share.

« Next Oldest | Next Newest »

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	POC : Source Code Disclosure and SSRF - Apache HTTP Servers	Loki	59	6,248	5 hours ago Last Post: Ankaletter
	new wordpress website takeover vuln (video + poc )	zinzeur	313	27,328	03-28-2026, 02:43 AM Last Post: toshi99
	[POC] Google OAuth "MultiLogin" endpoint 0-day	Farfallaiero	106	13,216	02-10-2026, 03:34 PM Last Post: birhikayemvar
	Cool Remote Patching ETW/Amsi PoC	pepeloco	6	2,102	02-08-2026, 07:58 AM Last Post: zeroday99
	CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC	miyako	3	81	02-07-2026, 03:32 PM Last Post: cysc

Users browsing this thread: 1 Guest(s)