CVE-2025-40551

CRITICAL KEV NUCLEI

Solarwinds Web Help Desk < 2026.1 - Insecure Deserialization

Title source: rule

Description

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Exploits (1)

metasploit WORKING POC GREAT

by Jimi Sebree, sfewer-r7 · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/solarwinds_webhelpdesk_rce.rb

View Code ZIP pw:eip

Nuclei Templates (1)

SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE

CRITICALVERIFIEDby Horizon3.ai

Shodan: http.favicon.hash:1895809524

References (3)

[Release Notes] https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm

[Vendor Advisory] https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40551

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-40551

Scores

CVSS v3 9.8

EPSS 0.8747

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-02-03

VulnCheck KEV 2026-02-03

ENISA EUVD EUVD-2025-206426

CWE

CWE-502

Status published

Products (1)

solarwinds/web_help_desk < 2026.1

Published Jan 28, 2026

KEV Added Feb 03, 2026

Tracked Since Feb 18, 2026