Particle.news

SolarWinds Issues Hotfix for Web Help Desk RCE Bypass

The hotfix addresses a new bypass, credited to a ZDI researcher, of prior Web Help Desk deserialization fixes.

Overview

  • SolarWinds released Web Help Desk 12.8.7 Hotfix 1 to remediate CVE-2025-26399, an unauthenticated AjaxProxy deserialization flaw that allows command execution on the host.
  • The vulnerability carries a 9.8 CVSS score and affects version 12.8.7 and all earlier releases of Web Help Desk.
  • SolarWinds identifies the bug as a patch bypass of CVE-2024-28988, itself a bypass of CVE-2024-28986, which was previously exploited and added to CISA’s KEV catalog.
  • There are no public reports of active exploitation of CVE-2025-26399, though security analysts urge rapid patching given prior attacks on related defects.
  • The update is available through the SolarWinds Customer Portal and requires manual JAR replacements followed by a service restart.