CVE-2025-40537
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-02-03
Assigner: SolarWinds
Description
Description
SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solarwinds | web_help_desk | to 2026.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in SolarWinds Web Help Desk involves hardcoded credentials that could allow an attacker, under certain conditions, to gain access to administrative functions.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could gain administrative access, potentially leading to unauthorized control over the system, data compromise, and disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70