AI description
CVE-2025-26399 is a remote code execution vulnerability that affects SolarWinds Web Help Desk (WHD). The vulnerability stems from unsafe deserialization handling in the AjaxProxy component. Successful exploitation allows an unauthenticated attacker to run arbitrary commands on the host machine. The vulnerability is a patch bypass of CVE-2024-28988, which was itself a bypass of CVE-2024-28986. SolarWinds has released a hotfix to address the vulnerability.
- Description
- SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.
- Source
- psirt@solarwinds.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@solarwinds.com
- CWE-502
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
31
🚨 حفره بحرانی CVE-2025-26399 در SolarWinds Web Help Desk با امتیاز 9.8 اجازه اجرای کد از راه دور را میدهد. همین حالا پچ کنید! ⚠️ #Cybersecurity #Cybersecurity_News #اخبار_امنیت_سایبری #CVE_202
@vulnerbyte
24 Sept 2025
21 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
SolarWinds Patches Critical CVE-2025-26399 Remote Code Execution Flaw #SolarWinds #CVE202526399 #CyberSecurity #RemoteCodeExecution #Vulnerability #InfoSec #PatchUpdate #WebHelpDesk #DataSecurity #CVE https://t.co/OOpht1XyVe
@cyashadotcom
24 Sept 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds Web Help Deskの重大なCVE-2025-26399脆弱性と対策 https://t.co/WGrzLlDkAy #Security #セキュリティー #ニュース
@SecureShield_
24 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26399 https://t.co/iCA4a65ZXL
@_subTee
23 Sept 2025
14 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Security Bulletin: SolarWinds Web Help Desk RCE – CVE-2025-26399 (CVSS 9.8) allows unauthenticated deserialization → SYSTEM-level code execution via AjaxProxy. Patch to 12.8.7 HF1 now. #ThreatIntel #RedLeggCTI #SolarWinds https://t.co/zlsQ8BrOAN
@RedLegg
23 Sept 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyble reveals 22 actively exploited vulnerabilities, including 9 absent from CISA's KEV catalog. Ransomware targets 10 flaws; new SolarWinds CVE-2025-26399 bypasses prior patches. #CVE2025-26399 #MedusaLocker #USA https://t.co/D47HEDmMCT
@TweetThreatNews
23 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds issues a third hotfix for CVE-2025-26399, a critical Java deserialization RCE in Web Help Desk that bypasses prior CVE-2024-28988 patch. Discovered by Trend Micro ZDI. #SolarWindsPatch #JavaFlaw #USA https://t.co/J8kOuo51B5
@TweetThreatNews
23 Sept 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A new critical vulnerability (CVE-2025-26399) in SolarWinds Web Help Desk has surfaced, rated a shocking 9.8 on the CVSS scale! Unauthenticated remote code execution is here. Are you prepared? #Cybersecurity #RiskManagement https://t.co/UFUUQdJXiL
@Cyb3r_5wift
23 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Urgent: SolarWinds has released a hotfix for the critical CVE-2025-26399 Remote Code Execution flaw. Update your systems ASAP! #SolarWinds #PatchNow https://t.co/Tg3ekjxiJn
@xcybersecnews
23 Sept 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds Releases Hotfix for Critical #CVE-2025-26399 Remote Code Execution #flaw https://t.co/rR0MITP5Ds
@AdliceSoftware
23 Sept 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw https://t.co/DsE4TIGzu8 https://t.co/CiCd2KlDYu
@talentxfactor
23 Sept 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds releases third patch for critical RCE flaw CVE-2025-26399 in Web Help Desk 12.8.7, fixing unsafe deserialization in AjaxProxy. Update requires JAR file replacement. #SolarWindsPatch #RemoteCodeExecution #USA https://t.co/Hk93mbCY7A
@TweetThreatNews
23 Sept 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#SolarWinds Releases Hotfix for Critical #CVE-2025-26399 Remote #Code Execution Flaw https://t.co/vZ5dwfqq9O
@ScyScan
23 Sept 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical hotfix from SolarWinds for CVE-2025-26399 (CVSS 9.8) impacting Web Help Desk! This RCE vulnerability needs immediate patching. https://t.co/VocruH4tCh #SolarWinds #CVE #RCE #CyberSecurity
@0xT3chn0m4nc3r
23 Sept 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-26399 (CVSS 9.8): SolarWinds Web Help Desk Hit by Critical RCE Vulnerability 🎯19.2k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/rsrJjI2Npa FOFA Query:app="SolarWinds-Web-Help-Desk" 🔖Refer: https://t.co/2HQ
@fofabot
23 Sept 2025
1353 Impressions
8 Retweets
18 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 Fallo crítico en SolarWinds Web Help Desk (CVE-2025-26399, CVSS 9.8) 🚨 Una vulnerabilidad que permite la ejecución remota de código sin necesidad de autenticación. ⚠️ Tercer intento de parche tras dos fallos previos. 🛡️ Actualiza ya a la versión 12.8.7 HF1
@CsirtCnt
23 Sept 2025
28 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw https://t.co/UqSiYQmmap
@buzz_sec
23 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw https://t.co/1Wpuy67yUW https://t.co/GZT2wia3Ld
@RigneySec
23 Sept 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical flaw in SolarWinds Web Help Desk (CVE-2025-26399, CVSS 9.8) lets attackers run code without logging in. This is the third patch attempt—after two previous “fixes” were bypassed. Admins: update to 12.8.7 HF1 now. Full story → https://t.co/MNXcYnWaui
@TheHackersNews
23 Sept 2025
11156 Impressions
45 Retweets
91 Likes
13 Bookmarks
1 Reply
2 Quotes
🚨 SolarWinds, the gift that keeps on giving: a new Web Help Desk patch bypass, CVE-2025-26399, enables unauthenticated RCE via deserialization. It’s a patch bypass of CVE-2024-28988/CVE-2024-28986 - previously exploited. Given SolarWinds’ past, in-the-wild exploitation i
@watchtowrcyber
23 Sept 2025
10148 Impressions
32 Retweets
79 Likes
26 Bookmarks
1 Reply
0 Quotes
🟥 CVE-2025-26399, CVSS: 9.8 (#Critical) SolarWinds Web Help Desk An unauthenticated AjaxProxy deserialization remote code execution vulnerability. Exploitation allows attackers to execute commands on the host machine. Mitigation requires updating to Web Help Desk 12.8.7 ht
@UjlakiMarci
23 Sept 2025
100 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
[CVE-2025-26399: CRITICAL] SolarWinds Web Help Desk exposed to unauthenticated AjaxProxy deserialization vulnerability allowing remote code execution on host machine, an exploit bypassing CVE-2024-28988 and ...#cve,CVE-2025-26399,#cybersecurity https://t.co/pXeuC8QJKC https://t.c
@CveFindCom
23 Sept 2025
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes