New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks

Help Net Security

Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software (CVE-2021-35247). It affects version 15.2.5 and previous versions of Serv-U, and has been patched by SolarWinds in version 15.3. About CVE-2021-35247 CVE-2021-35247 is an input validation vulnerability in the Serv-U File Server’s web login screen that could allow attackers to build a query after been given some input and send that … More →

The post New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks appeared first on Help Net Security.