---
licence_title: Creative Commons Attribution 4.0 International (CC-BY 4.0)
licence_link: https://creativecommons.org/licenses/by/4.0/
licence_restrictions: https://cert.europa.eu/legal-notice
licence_author: The Cybersecurity Service for the Union institutions, bodies, offices and agencies
title: 'Critical Vulnerability in SolarWinds Web Help Desk'
number: '2025-034'
version: '1.0'
original_date: '2025-09-17'
date: '2025-09-24'
---

_History:_

* _24/09/2025 --- v1.0 -- Initial publication_

# Summary

On September 17, 2025, SolarWinds released a security advisory addressing a critical vulnerability in its Web Help Desk product. The vulnerability fixed by this advisory is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986 [1].

It is recommended to update affected assets as soon as possible.

# Technical Details

The vulnerability **CVE-2025-26399**, with a CVSS score of 9.8, is an unauthenticated AjaxProxy deserialisation remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine [1].

# Affected Products

SolarWinds Web Help Desk 12.8.7 and all previous versions are affected by this vulnerability.

# Recommendations

It is recommended to update affected assets as soon as possible.

# References

[1]