Security News > 2024 > August > SolarWinds left critical hardcoded credentials in its Web Help Desk product
2024-08-22 22:36
Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data…
News URL
Related news
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software (source)
- SolarWinds fixes hardcoded credentials flaw in Web Help Desk (source)
- Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk (source)
- Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)