← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-35247 — Actively Exploited: Serv-U (SolarWinds)

SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.

CVE IDCVE-2021-35247
VendorSolarWinds
ProductServ-U
Vulnerability nameSolarWinds Serv-U Improper Input Validation Vulnerability
Date added2022-01-21
Remediation due2022-02-04
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionSolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →