CVE-2025-26399

CRITICALCISA KEV

9.8

Beschreibung

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht9/23/2025

Zuletzt geandert3/10/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerSolarWinds

ProduktWeb Help Desk

SchwachstellennameSolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

KEV Aufnahmedatum2026-03-09

Behebungsfrist2026-03-12

Ransomware-NutzungUnknown

Betroffene Produkte

solarwinds:web_help_desk

Schwachen (CWE)

CWE-502CWE-502

Referenzen

https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7-hotfix-1_release_notes.htm(psirt@solarwinds.com)

https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26399(psirt@solarwinds.com)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-26399(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.microsoft.com/en-us/security/blog/2026/02/06/active-exploitation-solarwinds-web-help-desk/(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.