SolarWinds Serv-U Directory Traversal Remote Code Execution Vulnerability 

(CVE-2024-28073)

Download PDF

Summary

SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.

Affected Products

  • SolarWinds Serv-U 15.4.1.128 and prior versions

Fixed Software Release

Acknowledgments

  • Alexander Skovsende at the Institut For Cyber Risk

Advisory Details

Severity

8.4 High

Advisory ID

CVE-2024-28073

First Published

04/17/2024

Last Updated

04/17/2024

Fixed Version

SolarWinds Serv-U 15.4.2

CVSS Score

CVSS:8.4AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H