Solarwinds

Webhelpdesk

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-40554

Medienbericht
  • EPSS 8.13%
  • Veröffentlicht 28.01.2026 07:36:50
  • Zuletzt bearbeitet 03.02.2026 21:08:32

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.

9.8

CVE-2025-40553

Medienbericht
  • EPSS 11.85%
  • Veröffentlicht 28.01.2026 07:35:41
  • Zuletzt bearbeitet 26.02.2026 19:30:48

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authe...

9.8

CVE-2025-40552

Medienbericht
  • EPSS 9.92%
  • Veröffentlicht 28.01.2026 07:34:37
  • Zuletzt bearbeitet 26.02.2026 19:30:48

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

9.8

CVE-2025-40551

Warnung Medienbericht
  • EPSS 79.42%
  • Veröffentlicht 28.01.2026 07:33:09
  • Zuletzt bearbeitet 04.02.2026 02:00:02

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authe...

7.5

CVE-2025-40537

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 28.01.2026 07:31:41
  • Zuletzt bearbeitet 03.02.2026 21:14:21

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.

9.8

CVE-2025-40536

Warnung Medienbericht
  • EPSS 68.05%
  • Veröffentlicht 28.01.2026 07:30:09
  • Zuletzt bearbeitet 13.02.2026 14:03:55

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.

9.8

CVE-2025-26399

Medienbericht
  • EPSS 12.49%
  • Veröffentlicht 23.09.2025 05:15:35
  • Zuletzt bearbeitet 14.11.2025 23:41:16

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch by...

9.8

CVE-2024-28988

Medienbericht
  • EPSS 7.05%
  • Veröffentlicht 01.09.2025 21:18:58
  • Zuletzt bearbeitet 14.11.2025 23:32:43

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after res...

6.5

CVE-2025-26400

  • EPSS 0.01%
  • Veröffentlicht 29.07.2025 08:07:38
  • Zuletzt bearbeitet 17.11.2025 16:11:59

SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to mo...

8.8

CVE-2021-35254

  • EPSS 0.18%
  • Veröffentlicht 25.03.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:12:09

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future.