Tech News

SolarWinds releases third patch to fix Web Help Desk RCE bug

By admin 3 Min Read

SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication.

Tracked as CVE-2025-26399, the security issue is the company’s third attempt to address an older flaw identified as CVE-2024-28986 that impacted Web Help Desk (WHD) 12.8.3 and all previous versions.

SolarWinds WHD is a help desk and ticketing suite used by medium-to-large organizations for IT support request tracking, workflow automation, asset management, and compliance assurance.

CVE-2025-26399 affects the latest WHD version 12.8.7 and is caused by unsafe deserialization handling in the AjaxProxy component. Successful exploitation allows an unauthenticated attacker to run commands on the host machine.

In a security bulletin, the vendor says that “this vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.”

Last August, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) marked the original SolarWinds flaw as being leveraged in attacks and added it to the Known Exploited Vulnerabilities (KEV) catalog.

The new security problem was reported to SolarWinds through the Trend Micro Zero Day Initiative (ZDI). At the time of writing there are no public reports about threat actors exploiting it.

Hotfix available

SolarWinds has released a hotfix that addresses CVE-2025-26399, which requires installing Web Help Desk version 12.8.7. To apply the security update, users are advised to follow these steps:

  1. Stop Web Help Desk
  2. Navigate to: /bin/webapps/helpdesk/WEB-INF/lib/ (substitute depending on OS)
  3. Back up and then delete: c3p0.jar
  4. Back up (to a separate directory): whd-core.jar, whd-web.jar, whd-persistence.jar
  5. Copy the hotfix-supplied JARs into the same /lib directory, overwriting the originals: whd-core.jar, whd-web.jar, whd-persistence.jar, plus add HikariCP.jar
  6. Restart Web Help Desk

The hotfix is exclusively available through the SolarWinds Customer Portal. More information on how to upgrade WHD is available here.

Picus Blue Report 2025

46% of environments had passwords cracked, nearly doubling from 25% last year.

Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.

You Might Also Like

Commodore 64 Ultimate Review: An Astonishing Remake

Best New Tablet of the Year: Tech Advisor Awards 2025-26

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Samsung Galaxy Z Fold 8 Wide Edition: Features and Specs

Social Voice social media intelligence Spark Venture Funding

TAGGED: , , , ,
Share This Article
Previous Article SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
Next Article 8 Best Vegan Meal Delivery Services and Kits (2025), Tested, Tasted, and Reviewed
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

- Advertisement -

Latest News

Want to be a hit in the stock market? Here are 3 things super-successful investors do
Business
German paratrooper unit probed over alleged abuse, antisemitism and violence
World News
Asim Munir marries daughter to brother's son in Pakistan Army headquarters in Rawalpindi
Business
Today in History: December 30, Bill Cosby charged with sexual assault
World News
Commodore 64 Ultimate Review: An Astonishing Remake
Tech News
Why isn’t there a great darts video game?
Gaming News
Lighter launches LIT token: check out all the details here
Crypto
Lost your password?