SolarWinds Web Help Desk vulnerabilities
22 known vulnerabilities affecting solarwinds/web_help_desk.
Total CVEs: 22
CISA KEV: 5 (actively exploited)
Public exploits: 9
Exploited in wild: 7
Severity breakdown: CRITICAL 9, HIGH 3, MEDIUM 10
Vulnerabilities
Page 1 of 2
CVE-2025-26399 | P1 | CRITICAL | CVSS 9.8 | KEV | PoC | Ransomware | ≤ 12.8.6 | v12.8.7 | 2025-09-23
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.
nvd
CVE-2024-28987 | P1 | CRITICAL | CVSS 9.1 | CWE-798 | KEV | PoC | fixed in 12.8.3 | v12.8.3 | +1 more | 2024-08-21
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing a remote unauthenticated user to access internal functionality and modify data.
nvd
CVE-2024-28986 | P1 | CRITICAL | CVSS 9.8 | CWE-502 | KEV | PoC | ≤ 12.8.2 | v12.8.3 | +1 more | 2024-08-13
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.
While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.
Ho
nvd
CVE-2025-40551 | P1 | CRITICAL | CVSS 9.8 | CWE-502 | KEV | PoC | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
nvd
CVE-2025-40536 | P1 | CRITICAL | CVSS 9.8 | CWE-693 | KEV | PoC | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that, if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.
nvd
CVE-2025-40554 | P1 | CRITICAL | CVSS 9.8 | CWE-1390 | Exploited | PoC | Ransomware | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
nvd
CVE-2021-35232 | P1 | MEDIUM | CVSS 6.1 | CWE-798 | Exploited | ≥ 12.7.7 and previous versions, < 12.7.7 HF 1 | 2021-12-27
Hard-coded credentials were discovered in the SolarWinds Web Help Desk product. Through these credentials, an attacker with local access to the Web Help Desk host machine can execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database.
nvd
CVE-2025-40552 | P1 | CRITICAL | CVSS 9.8 | CWE-1390 | PoC | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
nvd
CVE-2025-40553 | P1 | CRITICAL | CVSS 9.8 | CWE-502 | PoC | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
nvd
CVE-2024-28988 | P1 | CRITICAL | CVSS 9.8 | CWE-502 | PoC | ≤ 12.8.2 | v12.8.3 | +1 more | 2025-09-01
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing this report. The ZDI team was able to discover an u
nvd
CVE-2025-40537 | P3 | HIGH | CVSS 7.5 | CWE-798 | fixed in 2026.1 | v12.8.8 HF1 and below | 2026-01-28
SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.
nvd
CVE-2021-35243 | P3 | HIGH | CVSS 7.5 | CWE-749 | ≤ 12.7.7 | v12.7.7 and previous versions 12.7.7 HF1 | 2021-12-23
The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the origin server removes the association between the targe
nvd
CVE-2026-28299 | P3 | HIGH | CVSS 7.5 | CWE-770 | fixed in 2026.2 | v2026.1 and all previous versions | 2026-06-02
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability which, when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
nvd
CVE-2025-26400 | P3 | MEDIUM | CVSS 6.5 | CWE-611 | fixed in 12.8.7 | v12.8.6 and previous versions | 2025-07-29
SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. Valid, low-privilege access is required unless the attacker has access to the local server to modify configuration files.
nvd
CVE-2021-32076 | P4 | MEDIUM | CVSS 5.3 | CWE-290 | ≤ 12.7.2 | ≥ unspecified, ≤ 12.7.5 | 2021-08-26
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP
nvd
CVE-2019-16956 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | v12.7.0 | 2021-01-04
SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket.
nvd
CVE-2019-16954 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | v12.7.0 | 2021-01-06
SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
nvd
CVE-2019-16960 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | v12.7.0 | 2021-01-04
SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field.
nvd
CVE-2019-16961 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | v12.7.0 | 2021-01-15
SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name.
nvd
CVE-2024-45709 | P4 | MEDIUM | CVSS 5.5 | CWE-22 | fixed in 12.8.4 | v12.8.3 HF3 and previous versions | 2024-12-10
SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software to be installed on Linux and configured to use the non-default development/test mode, making exposure to the vulnerability very limited.
nvd