Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN635
_____________________________________________________________________

DATE                : 23/09/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running SolarWinds Web Help Desk versions
                                prior to 12.8.7 HF1.

=====================================================================
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26399
_____________________________________________________________________

SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data
Remote Code Execution Vulnerability (CVE-2025-26399)


Summary

SolarWinds Web Help Desk was found to be susceptible to an
unauthenticated AjaxProxy deserialization remote code execution
vulnerability that, if exploited, would allow an attacker to run
commands on the host machine. This vulnerability is a patch bypass
of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.


Affected Products

SolarWinds Web Help Desk 12.8.7 and all previous versions


Fixed Software Release

SolarWinds Web Help Desk 12.8.7 HF1


Acknowledgments

Anonymous working with Trend Micro Zero Day Initiative


Advisory Detail

Severity
9.8 Critical

Advisory ID
CVE-2025-26399

First Published
09/17/2025

Fixed Version
SolarWinds Web Help Desk 12.8.7 HF1

CVSS Score
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================