SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the hotfix and create a working exploit. As watchTowr researchers noted, “given SolarWinds’ past, in-the-wild exploitation is highly likely.” About CVE-2025-26399 “[CVE-2025-26399] exists within the AjaxProxy class. The issue results from the lack of proper validation … More → The post SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) appeared first on Help Net Security.
http://news.poseidon-us.com/TNGQ9p

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

Like this:

Related

More Posts

Aviation meteorologists help keep flights safe, but there aren’t enough of them

A new lawsuit says the Department of Energy is quietly dismantling FOIA and public transparency

Share this:

Like this:

Related

More Posts

Aviation meteorologists help keep flights safe, but there aren’t enough of them

A new lawsuit says the Department of Energy is quietly dismantling FOIA and public transparency