Directory Transversal Vulnerability in Serv-U 15.3
(CVE-2022-35250)
Summary
An external security researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. If exploited, this vulnerability could allow access to files relating to the Serv-U installation and server files. It is important to note no exploits of this vulnerability have been reported in the wild.
Affected Products
- Only Serv-U version 15.3
Fixed Software Release
Acknowledgments
- SolarWinds would like to thank the external security researcher who reported this issue and is cooperating with SolarWinds on responsible disclosure best practices.
Advisory Details
Severity
7.5 High
Advisory ID
First Published
03/02/2022
Last Updated
03/02/2022