Security News > 2024 > August > Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
2024-08-22 16:35
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company
News URL
https://thehackernews.com/2024/08/hardcoded-credential-vulnerability.html
Related news
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- SolarWinds Web Help Desk flaw is now exploited in attacks (source)
- Critical hardcoded SolarWinds credential now exploited in the wild (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)