Summary

An external security researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. If exploited, this vulnerability could allow access to files relating to the Serv-U installation and server files. It is important to note no exploits of this vulnerability have been reported in the wild.

Affected Products

• Only Serv-U version 15.3

Fixed Software Release

• Serv-U 15.3 HF 1

Acknowledgments

• SolarWinds would like to thank the external security researcher who reported this issue and is cooperating with SolarWinds on responsible disclosure best practices.