CVE-2021-35247β€”SolarWinds Serv-U Improper Input Validation Vulnerability

PUBLISHEDvulnerability record
2022-01-21 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2021-35247
Project:
SolarWinds
Product:
Serv-U
Date Added:
2022-01-21
Due Date:
2022-02-04
Last Updated:
June 21, 2025

Vulnerability Name

SolarWinds Serv-U Improper Input Validation Vulnerability

Description

SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses