# SolarWinds Serv-U L 目录穿越漏洞
## 概述
SolarWinds Serv-U 存在一个目录穿越漏洞,允许攻击者读取主机上的敏感文件。
## 影响版本
未指定具体版本。
## 细节
目录穿越漏洞允许攻击者通过构造特定路径,绕过访问控制,访问受限目录中的敏感文件。
## 影响
利用此漏洞,攻击者能够读取主机上敏感的文件,可能包括配置文件、日志文件和其他重要数据。这可能导致敏感信息泄露。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995) POC | https://github.com/karkis3c/cves | POC详情 |
| 2 | CVE-2024-28995 PoC | https://github.com/krypton-kry/CVE-2024-28995 | POC详情 |
| 3 | None | https://github.com/ggfzx/CVE-2024-28995 | POC详情 |
| 4 | None | https://github.com/huseyinstif/CVE-2024-28995-Nuclei-Template | POC详情 |
| 5 | Exploit for CVE-2024-28995 | https://github.com/0xkucing/CVE-2024-28995 | POC详情 |
| 6 | CVE-2024-28995 POC Vulnerability Scanner | https://github.com/bigb0x/CVE-2024-28995 | POC详情 |
| 7 | Exploit for CVE-2024-28995 affecting SolarWinds Serv-U 15.4.2 HF 1 and previous versions | https://github.com/Praison001/CVE-2024-28995-SolarWinds-Serv-U | POC详情 |
| 8 | Exploit for CVE-2024-28995 | https://github.com/0xc4t/CVE-2024-28995 | POC详情 |
| 9 | None | https://github.com/Stuub/CVE-2024-28995 | POC详情 |
| 10 | SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995) POC | https://github.com/muhammetali20/CVE-2024-28995 | POC详情 |
| 11 | SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | https://github.com/gotr00t0day/CVE-2024-28995 | POC详情 |
| 12 | SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-28995.yaml | POC详情 |
| 13 | CVE-2024-28995 PoC | https://github.com/demoAlitalia/CVE-2024-28995 | POC详情 |
| 14 | SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal | https://github.com/ibrahmsql/CVE-2024-28995 | POC详情 |
暂无评论