SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
https://www.hivepro.com/threat-digest/attacks-vulnerabilities-and-actors-17-to-23-june-2024/
https://thecyberthrone.in/2024/06/23/thecyberthrone-security-week-in-review-june-22-2024/
https://securityaffairs.com/164806/hacking/solarwinds-serv-u-cve-2024-28995-exploit.html
https://thecyberthrone.in/2024/06/20/poc-exploit-released-for-solarwinds-flaw-cve-2024-28895/
https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-2-Hotfix-2-Release-Notes
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995