CVE-2025-40552

CRITICAL NUCLEI

SolarWinds Web Help Desk < 2026.1 - Authentication Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-40552. PoCs published by watchtowrlabs. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-40552 (authentication bypass) and CVE-2025-40553 (RCE) in SolarWinds Web Help Desk. The script demonstrates the vulnerability chain by bypassing authentication and executing arbitrary commands via deserialization of a malicious BasicDataSource object.

Description

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

Exploits (1)

nomisec WORKING POC

by watchtowrlabs · poc

https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553

View Code ZIP pw:eip

This repository contains a functional exploit PoC for CVE-2025-40552 (authentication bypass) and CVE-2025-40553 (RCE) in SolarWinds Web Help Desk. The script demonstrates the vulnerability chain by bypassing authentication and executing arbitrary commands via deserialization of a malicious BasicDataSource object.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SolarWinds Web Help Desk < 2026.1

No auth needed

Prerequisites: Network access to the target SolarWinds Web Help Desk instance · PostgreSQL database accessible on the target system

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 26, 2026 Full analysis →

Nuclei Templates (1)

SolarWinds Web Help Desk - Authentication Bypass

CRITICALVERIFIEDby watchTowr,DhiyaneshDk

Shodan: http.favicon.hash:"1895809524"

References (3)

Core 3

Core References

Exploit, Third Party Advisory

https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553/blob/main/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553.py

View Exploit ZIP pw:eip

Vendor Advisory vendor-advisory patch

https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40552

Release Notes

https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm

Scores

CVSS v3 9.8

EPSS 0.0855

EPSS Percentile 92.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-1390

Status published

Products (1)

solarwinds/web_help_desk < 2026.1

Published Jan 28, 2026

Tracked Since Feb 18, 2026