CVE-2024-28995β€”SolarWinds Serv-U Path Traversal Vulnerability

PUBLISHEDvulnerability record
2024-07-17 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2024-28995
Project:
SolarWinds
Product:
Serv-U
Date Added:
2024-07-17
Due Date:
2024-08-07
Last Updated:
June 21, 2025

Vulnerability Name

SolarWinds Serv-U Path Traversal Vulnerability

Description

SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses