SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
Briefly

"While Jimi Sebree from Horizon3.ai has been credited with discovering and reporting the first three vulnerabilities, watchTowr's Piotr Bazydlo has been acknowledged for the remaining three flaws. All the issues have been addressed in WHD 2026.1."

"'Both CVE-2025-40551 and CVE-2025-40553 are critical deserialization of untrusted data vulnerabilities that allow a remote unauthenticated attacker to achieve RCE on a target system and execute payloads such as arbitrary OS command execution,' Rapid7 said."
"CVE-2025-40551 (CVSS score: 9.8) - An untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an unauthenticated attacker to run commands on the host machine
CVE-2025-40552 (CVSS score: 9.8) - An authentication bypass vulnerability that could allow an unauthenticated attacker to execute actions and methods
CVE-2025-40553 (CVSS score: 9.8) - An untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an unauthenticated attacker to run commands on the host machine
CVE-2025-40554 (CVSS score: 9.8) - An authentication bypass vulnerability that could allow an attacker to invoke specific actions within Web Help Desk"
SolarWinds released security updates for Web Help Desk (WHD) to remediate multiple vulnerabilities, including four critical flaws that enable authentication bypass and remote code execution. Six CVEs are identified: CVE-2025-40536 (CVSS 8.1), a security control bypass; CVE-2025-40537 (CVSS 7.5), hard-coded credentials allowing administrative access via the "client" account; CVE-2025-40551 and CVE-2025-40553 (both CVSS 9.8), untrusted deserialization leading to RCE; and CVE-2025-40552 and CVE-2025-40554 (both CVSS 9.8), authentication bypasses enabling execution of actions. The first three vulnerabilities were reported by Jimi Sebree of Horizon3.ai and the latter three by Piotr Bazydlo of watchTowr. All issues were addressed in WHD 2026.1.
Read at The Hacker News