Authenticated Directory Traversal Vulnerability in SolarWinds Serv-U

CVE-2020-27994

What is CVE-2020-27994?

The vulnerability in SolarWinds Serv-U, present in versions prior to 15.2.2, allows authenticated users to exploit directory traversal attacks. This could enable attackers to access sensitive files and directories outside of the intended scope, potentially compromising the integrity of stored data. Administrators are advised to update their Serv-U installations to mitigate this risk.

References