CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Metasploit•added 2026/02/13 6:59 p.m.•416 views

SolarWinds Web Help Desk unauthenticated RCE

This module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve unauthenticated RCE against a vulnerable SolarWinds Web Help Desk WHD server. Module Options msf use exploit/multi/http/solarwindswebhelpdeskrce msf...

9.8CVSS7.3AI score0.8413EPSS

Exploits4

Packet Storm•added 2026/02/13 12:0 a.m.•161 views

📄 SolarWinds Web Help Desk Unauthenticated Remote Code Execution

This Metasploit module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve unauthenticated remote code execution against a vulnerable SolarWinds Web Help Desk WHD server. This module requires Metasploit:...

9.8CVSS6.5AI score0.8413EPSS

Exploits4

VulnCheck KEV•added 2026/02/12 12:0 a.m.•6 views

VulnCheck KEV: CVE-2025-40536

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

9.8CVSS5.7AI score0.81624EPSS

In wildExploits4References3