CVE-2024-28995 icon indicating copy to clipboard operation
CVE-2024-28995 copied to clipboard

Published 20 hours ago verified publisher icon Stuub

Metadata

CVE-2024-28955 Exploitation PoC

CVE-2024-28995 Automated Path Traversal & Local File Read

Features

  • Version Detection: Retrieves the Serv-U version from the server header.
  • Vulnerability Check: Compares the detected version against a known vulnerable version (15.4.2 or lower).
  • Default Path Testing: Tests predefined paths for both Windows and Linux to determine if the server is vulnerable.
  • Custom Path Testing: Allows users to specify custom directory and file paths to test for file read vulnerability.
  • Wordlist Path Testing: Supports the use of a wordlist for testing multiple paths for file read vulnerability.

Usage

To use this tool, you need to have Python installed. Run the script with the appropriate arguments:

python3 CVE-2024-28995.py -u <URL> [-d <Directory Path>] [-f <File Name>] [-w <Wordlist>]

Arguments

-u, --url: URL to exploit (required).
-d, --dir: Directory path for File Read (e.g., ProgramData/RhinoSoft/Serv-U/).
-f, --file: File to read for File Read (e.g., Serv-U-StartupLog.txt or passwd).
-w, --wordlist: Wordlist for additional paths to test.

Example

python3 CVE-2024-28995.py -u http://example.com -d ProgramData/RhinoSoft/Serv-U/ -f Serv-U-StartupLog.txt

image

image

image

References

https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

https://github.com/bigb0x/CVE-2024-28995

Metadata

34
Stars
5
Forks
Watchers

Owner

verified publisher icon Stuub

Metadata

CVE-2024-28955 Exploitation PoC

Back