CNNVD-202509-3732 Information
CNNVD ID
CNNVD-202509-3732
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk存在代码问题漏洞,该漏洞源于未经验证的AjaxProxy反序列化问题,可能导致远程代码执行。
Description (English)
SolarWinds Web Help Desk is a service desk and asset management software for SolarWinds in the United States. The software supports functions such as a centralized knowledge base, IT asset management, project and task management. SolarWinds Web Help Desk has a code loophole, which stems from unverified AjaxProxy backsequencing problems, which may lead to remote code execution.
Hazard Level
Low
Vulnerability Type
代码问题
Affected Vendor
SolarWinds
Published
2025-09-23
Last Modified
2026-02-24
References
https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7-hotfix-1_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26399