CVE-2021-35247 - SolarWinds Serv-U Improper Input Validation Vulnerability
Project:SolarWinds
Product:Serv-U
Date Added:2022-01-21Due Date:2022-02-04
Vulnerability Name
SolarWinds Serv-U Improper Input Validation Vulnerability
Description
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-35247