CVE-2025-40552

CRITICAL NUCLEI

Solarwinds Web Help Desk < 2026.1 - Authentication Bypass

Title source: rule

Description

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

Exploits (1)

nomisec WORKING POC

by watchtowrlabs · poc

https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553

View Code ZIP pw:eip

Nuclei Templates (1)

SolarWinds Web Help Desk - Authentication Bypass

CRITICALVERIFIEDby watchTowr,DhiyaneshDk

Shodan: http.favicon.hash:"1895809524"

References (3)

[Exploit, Third Party Advisory] https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553/blob/main/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553.py

[Release Notes] https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm

[Vendor Advisory] https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40552

Scores

CVSS v3 9.8

EPSS 0.0992

EPSS Percentile 92.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-1390

Status published

Affected Products (1)

solarwinds/web_help_desk < 2026.1

Timeline

Published Jan 28, 2026

Tracked Since Feb 18, 2026