Share
## https://sploitus.com/exploit?id=E85D75CB-5A8C-58D4-8FDD-96734CDF180D
# CVE-2024-28995 (PoC)

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
## Queries
- Shodan: 
     - product:"Rhinosoft Serv-U httpd"
     - "Serv-U FTP Server"
- Fofa:
     -  app="SolarWinds-Serv-U-FTP"

## References
-  https://nvd.nist.gov/vuln/detail/CVE-2024-28995
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995