🚨 CVE-2025-40551 (CVSS 9.8): SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Search by vul.cve Filter 👉 vul.cve="CVE-2025-40551"
ZoomEye Dork 👉 app="SolarWinds Web Help Desk"
25k exposed instances.
ZoomEye Link: zoomeye.ai/searchResult?q=YX…
Refer: solarwinds.com/trust-center/… #ZoomEye #NetSec #OSINT #CyberSecurity #SolarWinds #WebHelpDesk #Vulnerability #Infosec
‼️ #Exploited #Solarwinds: active exploitation in the wild of CVE-2025-40551, affecting #WebHelpDesk, has been detected
Risk: 🔴
⚠️ Where not already done, we recommend promptly updating the affected software or implementing the mitigations indicated by the vendor
🚨 Critical vulnerabilities in SolarWinds Web Help Desk
SolarWinds has issued an urgent security advisory regarding six serious vulnerabilities in the Web Help Desk (WHD) platform, affecting versions prior to 2026.1. These vulnerabilities could allow attackers to gain unauthorized access.
💡 Protection:
- Update SolarWinds Web Help Desk to version 2026.1 or later.
- Review the SolarWinds security advisory to understand the scope of impact.
- Apply any mitigations recommended in the advisory.
🔗 thecyberthrone.in/2026/01/30… #CyberSecurity #SolarWinds #WebHelpDesk #Vulnerabilities
A lot to unpack here but …
Recent WebHelpDesk (WHD) Common Vulnerabilities and #Exploits (CVE) explains gaining #Remote Code Execution (RCE) by exploiting #Java WebObjects and Sessions.
Today we are disclosing the details of CVE-2025-40551, an unauth deserialization vuln leading to remote code execution affecting SolarWinds WebHelpDesk.
Find the technical details, indicators of compromise, and proof-of-concept exploit in the blog.
horizon3.ai/attack-research/…
ICYMI: There are new Division I and Division III Educational Modules for coaches supporting NCAA student-athletes available in the NCAA Learning Portal.
For technical assistance, please reach out to webhelpdesk@ncaa.org.
#Solarwinds: active exploitation in the wild of CVE-2024-28987, affecting #WebHelpDesk, has been detected
⚠️ Where not already done, we recommend promptly updating the affected software
Reported a critical vulnerability to SolarWinds on Friday after digging into the recent CISA KEV CVE-2024-28986 for WebHelpDesk, amazed they’ve already shipped a patch 4 days later!
support.solarwinds.com/Succe…
Will release some details next month.
‼ #Solarwinds: active exploitation in the wild of CVE-2024-28986, affecting the #WebHelpDesk product, has been detected
Risk: 🔴
⚠ Where not already done, we recommend promptly updating the affected software
WebHelpDesk is such a pile, but it's a pile they purchased. It used to have an OSX-styled interface because it's based off WebObjects.
You literally can't have more than one tab of it open at a time... Oh, they also wrote OAuth for Office 365 to use the deprecated API endpoint...