Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
January 21, 2022
Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
January 21, 2022
Severity
Medium
Analysis Summary
CVE-2021-35247
SolarWinds Serv-U allows a remote attacker to execute arbitrary code on an affected system. The flaw is an improper input validation error in the web login screen. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
“During our sustained monitoring of threats taking advantage of the Log4j 2 vulnerabilities, we observed activity related to attacks being propagated via a previously undisclosed vulnerability in the SolarWinds Serv-U software.” reads the advisory published by Microsoft.
According to the analysis posted by SolarWinds, the Serv-U software allowed insufficiently sanitized characters through to LDAP authentication servers. The latest release, version 15.3, addresses this vulnerability by performing sanitization and additional validation.
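A sketch of the kind of sanitization and validation described above, as an added example that is not SolarWinds code or part of the original alert: it escapes a login name per RFC 4515 before it is placed in an LDAP search filter, beside the unescaped form. The filter template, the allow-list pattern and the sample login are assumptions made for illustration.

```python
import re

# RFC 4515: these characters must appear as \XX (hex) inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Assumed login-name policy for this example; not Serv-U's actual rule.
_LOGIN_OK = re.compile(r"[A-Za-z0-9._@-]{1,64}")

# Constructed input containing LDAP filter metacharacters.
SAMPLE_LOGIN = "smith (contractor)*"


def escape_filter_value(value: str) -> str:
    """Escape a string for use as the value part of an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_valid_login(login: str) -> bool:
    """Additional validation: accept only names that match the allow-list."""
    return _LOGIN_OK.fullmatch(login) is not None


def naive_filter(login: str) -> str:
    """Weak form: the login-screen value is concatenated into the filter as-is."""
    return f"(&(objectClass=person)(uid={login}))"


def escaped_filter(login: str) -> str:
    """Corrected form: the value is escaped, so it can only ever be data."""
    return f"(&(objectClass=person)(uid={escape_filter_value(login)}))"


def syntax_chars(ldap_filter: str) -> int:
    """Count literal '(', ')' and '*' characters, which the server parses as syntax."""
    return sum(ldap_filter.count(ch) for ch in "()*")


if __name__ == "__main__":
    print(naive_filter(SAMPLE_LOGIN), syntax_chars(naive_filter(SAMPLE_LOGIN)))
    print(escaped_filter(SAMPLE_LOGIN), syntax_chars(escaped_filter(SAMPLE_LOGIN)))
    print("allow-list accepts sample:", is_valid_login(SAMPLE_LOGIN))
```

The escaped filter keeps the same number of syntax characters as the template no matter what the login screen receives, while the naive form lets the submitted value add its own.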
Impact
- Gain Access
- Code Execution
Affected Vendors
SolarWinds
Affected Products
- Serv-U 15.2.5 and previous versions
Remediation
Visit the following advisories released by Microsoft and SolarWinds to learn more about the vulnerability:
For patches, upgrades, and to download the latest version of Serv-U, visit: