Tech News

SolarWinds releases third patch to fix Web Help Desk RCE bug

By admin 3 Min Read

SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication.

Tracked as CVE-2025-26399, the security issue is the company’s third attempt to address an older flaw identified as CVE-2024-28986 that impacted Web Help Desk (WHD) 12.8.3 and all previous versions.

SolarWinds WHD is a help desk and ticketing suite used by medium-to-large organizations for IT support request tracking, workflow automation, asset management, and compliance assurance.

CVE-2025-26399 affects the latest WHD version 12.8.7 and is caused by unsafe deserialization handling in the AjaxProxy component. Successful exploitation allows an unauthenticated attacker to run commands on the host machine.

In a security bulletin, the vendor says that “this vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.”

Last August, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) marked the original SolarWinds flaw as being leveraged in attacks and added it to the Known Exploited Vulnerabilities (KEV) catalog.

The new security problem was reported to SolarWinds through the Trend Micro Zero Day Initiative (ZDI). At the time of writing there are no public reports about threat actors exploiting it.

Hotfix available

SolarWinds has released a hotfix that addresses CVE-2025-26399, which requires installing Web Help Desk version 12.8.7. To apply the security update, users are advised to follow these steps:

  1. Stop Web Help Desk
  2. Navigate to: /bin/webapps/helpdesk/WEB-INF/lib/ (substitute depending on OS)
  3. Back up and then delete: c3p0.jar
  4. Back up (to a separate directory): whd-core.jar, whd-web.jar, whd-persistence.jar
  5. Copy the hotfix-supplied JARs into the same /lib directory, overwriting the originals: whd-core.jar, whd-web.jar, whd-persistence.jar, plus add HikariCP.jar
  6. Restart Web Help Desk

The hotfix is exclusively available through the SolarWinds Customer Portal. More information on how to upgrade WHD is available here.

Picus Blue Report 2025

46% of environments had passwords cracked, nearly doubling from 25% last year.

Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.

You Might Also Like

Apple AI Pin Specs Leak: Dual Cameras, No Screen & More

The diverse responsibilities of a principal software engineer

OpenAI Backs Bill That Would Limit Liability for AI-Enabled Mass Deaths or Financial Disasters

Google’s Fitbit Tease has me More Excited for Garmin’s Whoop Rival

Why the TCL NXTPAPER 14 Is One of the Best Tablets for Musicians and Sheet Music Reading

TAGGED: , , , ,
Share This Article
Previous Article SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
Next Article 8 Best Vegan Meal Delivery Services and Kits (2025), Tested, Tasted, and Reviewed
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

- Advertisement -

Latest News

JPMorgan CEO Jamie Dimon says he’s ‘learned and relearned’ to not make big decisions when he’s tired on Fridays
Business
Apple AI Pin Specs Leak: Dual Cameras, No Screen & More
Tech News
A ‘glass-like’ battlefield: German Army chief on the future of warfare
World News
Polymarket Sees Record $153M Daily Volume After Chainlink Integration
Crypto
Natasha Lyonne Then & Now: See Before & After Photos of the Actress Here
Celebrity
Cult Hit Doki Doki Literature Club Fights Removal From Google Play Store Over ‘Depiction Of Sensitive Themes’
Gaming News
Dead as Disco Launches Into Early Access on May 5th, Groovy New Gameplay Released
Gaming News
Lost your password?