Web Help Desk - Geek Feed

CISA flags critical SolarWinds RCE flaw as exploited in attacks

February 5, 2026February 5, 2026 geekfeed0Tagged Actively Exploited, CISA, CVE-2025-40551, rce, Remote Code Execution, SolarWinds, Warning, Web Help Desk

CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days. Tracked as CVE-2025-40551, this security flaw stems from an untrusted data deserialization weakness discovered and reported by Horizon3.ai security researcher Jimi Sebree, which can allow unauthenticated attackers to gain remote command […]

2 mins read

SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws

January 31, 2026January 31, 2026 geekfeed0Tagged Authentication Bypass, credentials, CVE-2025-40552, CVE-2025-40554, hardcoded credentials, rce, Remote Command Execution, SolarWinds, Web Help Desk

SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. The authentication bypass security flaws (tracked as CVE-2025-40552 and CVE-2025-40554) patched today by SolarWinds were reported by watchTowr’s Piotr Bazydlo and can be exploited by remote unauthenticated threat actors in low-complexity attacks. Bazydlo also […]

2 mins read

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

August 15, 2024August 15, 2024 geekfeed0Tagged Hotfix, Remote Command Execution, SolarWinds, vulnerability, Web Help Desk

A critical vulnerability in SolarWinds’ Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today. The company has released a hotfix and says that the security issue, tracked as CVE-2024-28986, is a Java deserialization that would allow an attacker to run commands […]

1 min read