Share
## https://sploitus.com/exploit?id=E85D75CB-5A8C-58D4-8FDD-96734CDF180D
# CVE-2024-28995 (PoC)
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
## Queries
- Shodan:
- product:"Rhinosoft Serv-U httpd"
- "Serv-U FTP Server"
- Fofa:
- app="SolarWinds-Serv-U-FTP"
## References
- https://nvd.nist.gov/vuln/detail/CVE-2024-28995
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995