Security News > 2024 > August > SolarWinds left critical hardcoded credentials in its Web Help Desk product
2024-08-22 22:36
Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data…
News URL
Related news
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical hardcoded SolarWinds credential now exploited in the wild (source)
- SolarWinds Web Help Desk flaw is now exploited in attacks (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)