Posted by Harrison Neal on Mar 16
Older versions of SolarWinds’ TFTP Server, which could have been installed
from a standalone download or bundled with certain paid products, may have
allowed unauthenticated remote users to change sensitive settings such as
the TFTP root directory or IP-based security settings.
In certain environments, this could lead to remote code execution, for
example by allowing attackers to modify a web application hosted on the
– Read More – Full Disclosure