SolarWinds has patched several vulnerabilities in its Web Help Desk.

SolarWinds has released patches addressing six vulnerabilities in its Web Help Desk product, including four critical flaws that allow unauthenticated remote code execution or authentication bypass. The most severe issues stem from untrusted data deserialization and authentication weaknesses within the AjaxProxy functionality. Additional high‑severity bugs include a security control bypass and hardcoded credentials that could allow unauthorized administrative access.

Read more:

https://www.securityweek.com/solarwinds-patches-critical-web-help-desk-vulnerabilities/