Vulnerable SolarWinds Serv-U devices impacted by the high-severity path traversal flaw, tracked as CVE-2024-28995, have been subjected to ongoing attacks using publicly available proof-of-concept exploits, according to BleepingComputer.Intrusions leveraging the easily exploitable vulnerability could put 5,500 to 9,500 SolarWinds Serv-U FTP Server, Gateway, MFT Server, and File Server instances at risk of unauthorized file access and extended compromise, reported Rapid7 researchers.Another investigation by GreyNoise using a vulnerable Serv-U system-mimicking honeypot revealed that intrusions involved manual and automated attempts through incorrect slashes and path traversal sequences to distribute platform-specific payloads. Most intrusions were discovered to be targeted at files containing Linux user data, Serv-U FTP Server startup logs, and Windows configuration settings, which have been used to enable privilege escalation and further compromise.Organizations have been urged to immediately remediate impacted systems with a fix issued by SolarWinds earlier this month.
Network Security, Vulnerability Management, Patch/Configuration Management
Attacks exploiting SolarWinds Serv-U bug underway

(Adobe Stock)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



