PT-2026-5074 · Solarwinds · Solarwinds Web Help Desk
Published
2026-01-28
·
Updated
2026-03-02
·
CVE-2025-40552
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SolarWinds Web Help Desk versions prior to 2026.1
Description
SolarWinds Web Help Desk is affected by an authentication bypass issue. Successful exploitation allows a malicious actor to execute actions and methods that should require authentication, potentially granting unauthorized access to protected information. The issue stems from flaws in the authentication procedure and improper access controls.
Recommendations
Upgrade to version 2026.1 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Solarwinds Web Help Desk