CVE-2025-26400
BaseFortify
Publication date: 2025-07-29
Last updated on: 2025-11-17
Assigner: SolarWinds
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solarwinds | web_help_desk | to 12.8.7 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-611 | The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an XML External Entity Injection (XXE) in SolarWinds Web Help Desk. It allows an attacker with valid low-privilege access or local server access to potentially disclose sensitive information by exploiting how the application processes XML input. [1]
How can this vulnerability impact me? :
The vulnerability can lead to information disclosure, meaning sensitive data could be exposed to unauthorized parties. Exploitation requires either low-privilege access to the application or local server access to modify configuration files, which could compromise confidentiality. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2025-26400 vulnerability, you should upgrade SolarWinds Web Help Desk to version 12.8.7 or later, where the issue has been addressed. Additionally, ensure that only trusted users have access to the application, as exploitation requires valid low-privilege access or local server access to modify configuration files. Review and restrict permissions to configuration files to prevent unauthorized modifications. Follow the installation and upgrade instructions provided by SolarWinds for WHD 12.8.7, and consult the WHD Administrator Guide for any additional configuration such as FIPS mode deployment. [1]