CVE-2024-28995 PoC — SolarWinds Serv-U Path Traversal Vulnerability

Source
Associated Vulnerability
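Title: SolarWinds Serv-U Path Traversal Vulnerability (CVE-2024-28995)
Description: SolarWinds Serv-U File Server is a file transfer server from the US company SolarWinds. SolarWinds Serv-U has a path traversal vulnerability: it is susceptible to directory traversal, which allows access to read sensitive files on the host.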
Description
Exploit for CVE-2024-28995 affecting SolarWinds Serv-U 15.4.2 HF 1 and previous versions
Readme
# CVE-2024-28995-SolarWinds-Serv-U
**SolarWinds Serv-U File Server (Serv-U)** is a multi-protocol file server capable of sending and receiving files from other networked computers through various means. 

**CVE-2024-28995** is an unauthenticated directory traversal vulnerability in SolarWinds Serv-U that would allow an attacker to read sensitive files on the target machine.

**Affected product and versions:** SolarWinds Serv-U 15.4.2 HF 1 and previous versions

**Shodan** product:"Rhinosoft Serv-U httpd,rhinosoft serv-u httpd"

**Usage:** python3 exploit.py -u targetURL

**Usage example:** python3 exploit.py -u https://127.0.0.1/

**Disclaimer:** This exploit is to be used only for educational and authorized testing purposes. Illegal/unauthorized use of this exploit is prohibited. I am not responsible for any misuse or damage caused by this script.

**References:**
https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/?_ga=2.40268130.1338594016.1719161976-20097766.1719161973

https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis
File Snapshot

[4.0K] /data/pocs/e142704947216bb2e0820677d1fa562ec3a1e513
├── [3.8K] exploit.py
└── [1.1K] README.md

0 directories, 2 files