5 matches found
SolarWinds Web Help Desk unauthenticated RCE
This module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve unauthenticated RCE against a vulnerable SolarWinds Web Help Desk WHD server. Module Options msf use exploit/multi/http/solarwindswebhelpdeskrce msf...
📄 SolarWinds Web Help Desk Unauthenticated Remote Code Execution
This Metasploit module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve unauthenticated remote code execution against a vulnerable SolarWinds Web Help Desk WHD server. This module requires Metasploit:...
PT-2026-7491
A stack-use-after-return issue exists in the Arduino Core STM32 library prior to version 1.7.0. The pwm start function allocates a TIM HandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the functi...
Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
Overview On January 28, 2026, SolarWinds published an advisory for multiple new vulnerabilities affecting their Web Help Desk product. Web Help Desk is an IT help desk ticketing and asset management software solution. Of the six new CVEs disclosed in the advisory, four are critical, and allow a...
CVE-2025-40551
creationtimestamp| type| source ---|---|--- 2026-01-28 10:02:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdhzegua562m 2026-01-28 10:04:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdhzi6koa42c 2026-01-28 13:21:55+00:00| seen|...