#cve-2025-26399

[ follow ]
#solarwinds #web-help-desk #remote-code-execution #solarwinds-web-help-desk #deserialization-rce #hotfixupdate
Information security
fromComputerWeekly.com
5 days ago

SolarWinds warns over dangerous RCE flaw | Computer Weekly

SolarWinds Web Help Desk contains an unauthenticated AjaxProxy deserialization RCE (CVE-2025-26399) that bypasses prior fixes and requires immediate patching via the 12.8.7 hotfix.
Information security
fromThe Hacker News
6 days ago

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

Critical unauthenticated deserialization vulnerability CVE-2025-26399 in SolarWinds Web Help Desk allows remote code execution as SYSTEM; update to 12.8.7 HF1.
[ Load more ]