SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-26399)

Summary

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

Affected Products

SolarWinds Web Help Desk 12.8.7 and all previous versions

Fixed Software Release

SolarWinds Web Help Desk 12.8.7 HF1

Acknowledgments

Anonymous working with Trend Micro Zero Day Initiative

Advisory Detail
Severity
Critical
Advisory ID

CVE-2025-26399

First Published
09/17/2025
Fixed Version

SolarWinds Web Help Desk 12.8.7 HF1

CVSS Score

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Download PDF
Send an Email