GuLoader Malspam Campaign – Active IOCs
April 19, 2024GuLoader Malspam Campaign – Active IOCs
April 19, 2024Severity
High
Analysis Summary
CVE-2024-28073
SolarWinds Serv-U could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially crafted URL request containing "dot dot" sequences to execute arbitrary code on the system.
Impact
- Information Obtained
Indicators of Compromise
CVE
- CVE-2024-28073
Affected Vendors
Affected Products
- SolarWinds Serv-U 15.4.1.128
Remediation
Refer to SolarWinds Website for patch, upgrade, or suggested workaround information.