
Critical RCE Vulnerability in SolarWinds Web Help Desk Bypasses Previous Fixes (CVE-2025-26399)
A critical vulnerability, CVE-2025-26399, has been disclosed in SolarWinds Web Help Desk (WHD). Insecure deserialization of untrusted data in the AjaxProxy component lets an unauthenticated remote attacker execute arbitrary code on the server running WHD. The flaw is a patch bypass: the fixes shipped for CVE-2024-28988 and CVE-2024-28986 did not close the underlying deserialization path, so the same component remained reachable. SolarWinds has released WHD 12.8.7 Hotfix 1 to address it.

Because the bug needs no credentials and yields code execution in the context of the WHD service, the realistic impact is complete compromise of the help desk server. Organizations running WHD should apply 12.8.7 Hotfix 1 as a priority and, until it is installed, restrict network access to the WHD web interface. The bypass history is the practitioner's caveat here: a fix for a deserialization bug has to remove the deserialization sink or restrict it to an explicit allow-list of expected types, because a fix that only blocks the specific gadget chain that was reported tends to be bypassed by a different chain. Keeping software current with vendor security patches remains essential, but so does verifying that a patch actually eliminated the attack surface rather than one known payload.
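As an added illustration of the vulnerability class (this is not code from the page, from SolarWinds or from the WHD AjaxProxy component, and it uses Python's pickle rather than WHD's own serialization), the block below shows the vulnerable pattern beside the hardened one: the first loader deserializes whatever the client sent and so runs the attacker's callable, while the second allow-lists the single type the endpoint expects and rejects the payload before any object is built. The `Ticket` class, the `Gadget` class, `attacker_callable` and the byte blobs are all constructed for the example.

```python
import io
import pickle

# Legitimate object the endpoint expects. Only this type should ever be
# reconstructed from client-supplied bytes.
class Ticket:
    def __init__(self, ticket_id: int, subject: str):
        self.ticket_id = ticket_id
        self.subject = subject


# Constructed stand-in for what a real payload would reach (os.system,
# subprocess.Popen, ...). It only records that it was invoked.
EXECUTION_LOG: list[str] = []


def attacker_callable(marker: str) -> str:
    EXECUTION_LOG.append(marker)
    return marker


class Gadget:
    # pickle honours __reduce__: on load it calls attacker_callable(marker).
    def __reduce__(self):
        return (attacker_callable, ("attacker code ran",))


def benign_blob() -> bytes:
    """Serialised Ticket, as a well-behaved client would send it."""
    return pickle.dumps(Ticket(42, "printer on fire"))


def malicious_blob() -> bytes:
    """Serialised Gadget, as an attacker would send to the same endpoint."""
    return pickle.dumps(Gadget())


# Vulnerable pattern: untrusted bytes go straight into the deserializer.
# Every global the stream names is resolved and, via __reduce__, called.
def vulnerable_load(blob: bytes):
    return pickle.loads(blob)


# Hardened pattern: allow-list the exact (module, class) pairs the endpoint
# needs and refuse everything else before any object is constructed.
# A deny-list of known gadgets is what a patch bypass walks around.
ALLOWED_GLOBALS = {(Ticket.__module__, "Ticket")}


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module: str, name: str):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def hardened_load(blob: bytes):
    return RestrictedUnpickler(io.BytesIO(blob)).load()


def demo() -> dict:
    """Run both loaders against both inputs and report what happened."""
    EXECUTION_LOG.clear()
    result = {}

    vulnerable_load(malicious_blob())
    result["vulnerable_ran_payload"] = EXECUTION_LOG == ["attacker code ran"]

    EXECUTION_LOG.clear()
    try:
        hardened_load(malicious_blob())
        result["hardened_rejected_payload"] = False
    except pickle.UnpicklingError:
        # Rejected, and nothing ran before the rejection.
        result["hardened_rejected_payload"] = not EXECUTION_LOG

    ticket = hardened_load(benign_blob())
    result["hardened_accepted_ticket"] = (
        isinstance(ticket, Ticket) and ticket.ticket_id == 42
    )
    return result


if __name__ == "__main__":
    print(demo())
```

The design point is in `find_class`: the check happens when the stream names a global, which is before any constructor or `__reduce__` callable runs, so a rejected payload has no side effects. Note also that the allow-list is keyed on exact module and class name, not on a "known bad" list, which is the property a bypass-resistant fix needs.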