This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the CheckWhetherNonAdminAttemptsToModifyBlacklistedRecords function. The issue results from the lack of proper validation of the user-supplied SettingName parameter. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.