CVE-2025-40553

Sažetak

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Reference

https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40553

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

28-01-2026 - 08:16

Objavljeno

28-01-2026 - 08:16