all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

Add to bookmarks
June 11, 2024, 2:25 p.m. | Stephen Fewer

Rapid7 Blog blog.rapid7.com

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.

attackers cve cve-2024 directory directory traversal directory traversal vulnerability disclosure emergent threat response exploitation file files file transfer high host information information disclosure information disclosure vulnerability june sensitive server serv-u severity solarwinds transfer unauthenticated vulnerability vulnerability management

Visit resource

More from blog.rapid7.com / Rapid7 Blog

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway 21 hours ago | blog.rapid7.com
authentication cve cve-2024 emergent threat response +11
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks 21 hours ago | blog.rapid7.com
artificial artificial intelligence attacks command +20
From Top Dogs to Unified Pack 1 day, 2 hours ago | blog.rapid7.com
cloud cloud environments complex landscape compliance +11
Metasploit Weekly Wrap-Up 06/21/2024 4 days, 20 hours ago | blog.rapid7.com
apache argument check check point +17
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks 5 days, 2 hours ago | blog.rapid7.com
artificial artificial intelligence attacks command +20
Helpful tools to get started in IoT Assessments 1 week, 1 day ago | blog.rapid7.com
assessments can internet internet of things +6
Malvertising Campaign Leads to Execution of Oyster Backdoor 1 week, 1 day ago | blog.rapid7.com
backdoor campaign chrome detection and response +14
Metasploit Weekly Wrap-Up 06/14/2024 1 week, 4 days ago | blog.rapid7.com
auth authentication authentication bypass authors +19
Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services 1 week, 6 days ago | blog.rapid7.com
artificial artificial intelligence centers generative +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Vice President, Controls Design & Development-7

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Vice President, Controls Design & Development-5

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Data Scientist & AI Prompt Engineer

@ Varonis | Israel
View on infosec-jobs.com

Contractor

@ Birlasoft | INDIA - MUMBAI - BIRLASOFT OFFICE, IN
View on infosec-jobs.com