ATLA WIRE

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

30.01.2026
SolarWinds fixed six Web Help Desk vulnerabilities, including four critical flaws that allow unauthenticated remote code execution.

SolarWinds Web Help Desk Just Got a Major Security Patch — And You Need It NOW

SolarWinds just dropped a critical security update for its Web Help Desk software, patching SIX vulnerabilities — four of which are rated CRITICAL. The worst ones? Unauthenticated remote code execution (RCE) and authentication bypass flaws that could let attackers take over systems without even logging in. If you're running this software, patch immediately — this isn't a drill.
The vulnerabilities were discovered by security researchers and affect Web Help Desk versions before the latest update. The critical flaws include:
  • CVE-2026-XXXXX: Unauthenticated RCE via deserialization vulnerability
  • CVE-2026-XXXXX: Authentication bypass that allows unauthorized access
  • CVE-2026-XXXXX: Another unauthenticated RCE flaw
  • CVE-2026-XXXXX: Critical path traversal vulnerability
Two additional medium-severity vulnerabilities were also patched in this update. SolarWinds has released version 12.7.7 to address all these security issues. The company recommends all users upgrade immediately to protect their systems from potential exploitation.
This comes after SolarWinds' massive 2020 supply chain attack that compromised numerous government agencies and Fortune 500 companies. While these new vulnerabilities are in a different product (Web Help Desk vs. Orion), they show the company's software continues to be a target for attackers.

Unauthenticated RCE means attackers don't need credentials — they can just send malicious requests and take over your system. This is as bad as it gets in vulnerability land.

Security teams should prioritize patching Web Help Desk instances exposed to the internet first, as these would be the easiest targets for attackers. The authentication bypass vulnerability is particularly dangerous for organizations using the software for IT support ticketing, as it could give attackers access to sensitive support tickets and user data.
The patches are available through SolarWinds' standard update channels. Organizations using Web Help Desk should:
  • Immediately update to version 12.7.7 or later
  • Monitor for any suspicious activity on Web Help Desk instances
  • Consider temporary workarounds if immediate patching isn't possible
  • Review access logs for any unauthorized access attempts
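An added example (not from the article or from SolarWinds) of turning the first step and the "internet-exposed first" advice into a patch queue: it compares each inventoried instance against the fixed release 12.7.7 named above. The hostnames, the inventory layout and the version-string format (including the "HF2" suffix) are constructed assumptions.

```python
import re
from typing import NamedTuple

FIXED = (12, 7, 7)  # fixed release named in the article

class Host(NamedTuple):
    name: str
    version: str
    internet_exposed: bool

# Constructed inventory: hostnames and version strings are made up.
INVENTORY = [
    Host("whd-dmz-01", "12.7.5", True),
    Host("whd-int-01", "12.7.7", False),
    Host("whd-int-02", "12.7.6 HF2", False),
    Host("whd-dmz-02", "12.8.0", True),
    Host("whd-lab-01", "unknown", True),
]

def parse_version(text):
    """Return (major, minor, patch), or None if no version can be read."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())

def triage(hosts, fixed=FIXED):
    """Return (name, action) for hosts needing work, exposed ones first."""
    pending = []
    for h in hosts:
        v = parse_version(h.version)
        if v is None:
            action = "verify"   # version unreadable: cannot prove it is patched
        elif v < fixed:
            action = "patch"    # older than the fixed release
        else:
            continue            # at or above the fixed release
        pending.append((h, action))
    # Order: internet-exposed first, then "patch" before "verify", then name.
    pending.sort(key=lambda p: (not p[0].internet_exposed,
                                p[1] != "patch", p[0].name))
    return [(h.name, action) for h, action in pending]

if __name__ == "__main__":
    for name, action in triage(INVENTORY):
        print(f"{action:6} {name}")
```

Instances whose version cannot be read stay in the queue as "verify" rather than being assumed patched.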
As always with critical vulnerabilities like these, assume attackers are already looking for unpatched systems. The window between disclosure and exploitation is shrinking — don't be the low-hanging fruit.