CVE-2024-28995 – SolarWinds Serv-U Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. SolarWinds Serv-U era susceptible a una vulnerabilidad directory transversal que permitiría el acceso para leer archivos confidenciales en la máquina host. SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine. • https://github.com/Stuub/CVE-2024-28995 https://github.com/0xc4t/CVE-2024-28995 https://github.com/Praison001/CVE-2024-28995-SolarWinds-Serv-U https://github.com/bigb0x/CVE-2024-28995 https://github.com/krypton-kry/CVE-2024-28995 https://github.com/ggfzx/CVE-2024-28995 https://github.com/muhammetali20/CVE-2024-28995 https://github.com/huseyinstif/CVE-2024-28995-Nuclei-Template https://github.com/gotr00t0day/CVE-2024-28995 https://www.solarwinds.com/trust-center/security-a • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-23841 – SolarWinds Serv-U Exposure of Sensitive Information Vulnerability
https://notcve.org/view.php?id=CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. SolarWinds Serv-U está enviando una solicitud HTTP al cambiar o actualizar los atributos de "File Share" o "File Request?". Parte de la URL de la solicitud revela datos confidenciales. • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/serv-u_15-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23841 • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2021-35252 – Common Key Vulnerability in Serv-U FTP Server
https://notcve.org/view.php?id=CVE-2021-35252
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext. Parece que se utiliza una clave de cifrado común en todas las instancias implementadas del Serv-U FTP Server. Debido a esto, un valor cifrado que está expuesto a un atacante se puede recuperar simplemente en texto plano. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252 https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252 • CWE-287: Improper Authentication CWE-798: Use of Hard-coded Credentials •
CVE-2021-35249 – Domain Admin Broken Access Control
https://notcve.org/view.php?id=CVE-2021-35249
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed. Esta vulnerabilidad de control de acceso roto es referida específicamente a un administrador de dominio que puede acceder a los datos de configuración y de usuario de otros dominios a los que no debería tener acceso. • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35249 • CWE-284: Improper Access Control •
CVE-2021-35247 – SolarWinds Serv-U Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-35247
Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U. • https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247 • CWE-20: Improper Input Validation •