exploitDog

CVE-2025-40553

Опубликовано: 28 янв. 2026

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Ссылки

EPSS

Процентиль: 73%

0.00776

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-5gq3-mh83-6m28

CVSS3: 9.8

github

7 дней назад

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

BDU:2026-00931

CVSS3: 9.8

fstec

8 дней назад

Уязвимость программного обеспечения управления ИТ-инфраструктурой SolarWinds Web Help Desk (WHD), связанная с недостатками механизма десериализации, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 73%

0.00776

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502