Security News > 2024 > September > PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)
2024-09-25 14:07

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public. “When assessing the exposure of our own clients, we found that organizations typically revealed sensitive process information for IT procedures such as user onboarding, password resets, and accessing shared resources. While this vulnerability does not lead to … More → The post PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/09/25/cve-2024-28987-poc/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-28987 Unspecified vulnerability in Solarwinds web Help Desk
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
network
low complexity
solarwinds
critical
 9.1
9.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215