Security Alert (A22-01-19): Vulnerability in SolarWinds Serv-U File Server
24 January 2022
SolarWinds has released a security advisory to address an improper input validation vulnerability (CVE-2021-35247) in Serv-U File Server. An attacker could send a specially crafted LDAP query to exploit the vulnerability.
SolarWinds Serv-U File Server with version prior to 15.3
A successful exploitation could lead to security feature bypass on an affected system.
Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.