CVE-2024-28987
SolarWinds Web Help Desk Hardcoded Credential Authentication Bypass
Description
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
INFO
Published Date :
Aug. 21, 2024, 10:15 p.m.
Last Modified :
Aug. 22, 2024, 12:48 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.2
Exploitability Score :
3.9
Public PoC/Exploit Available at Github
CVE-2024-28987 has a 2 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-28987.
| URL | Resource |
|---|---|
| https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2 | |
| https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)
Python
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
security cve exploit poc vulnerability
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-28987 vulnerability anywhere in the article.
-
Cybersecurity News
Windows 11 Surpasses Windows 10 as Dominant PC Gaming Platform
Please enable JavaScriptIn a notable development in the PC gaming landscape, Windows 11 has officially overtaken its predecessor, Windows 10, as the most widely adopted operating system among Steam us ... Read more
-
Cybersecurity News
Mekotio Trojan: A PowerShell-Based Threat Targeting Victims with Stealth and Persistence
The CYFIRMA Research and Advisory Team has identified a new and sophisticated cyber threat, dubbed the Mekotio Trojan. This malware leverages PowerShell, a powerful scripting language built into Windo ... Read more
-
Cybersecurity News
Hacking the Hacker: Researcher Found Critical Flaw (CVE-2024-45163) in Mirai Botnet
Image: FortinetSecurity researcher Jacob Masse has exposed a critical vulnerability within the Mirai botnet, the infamous malware that has plagued the Internet of Things (IoT) and server landscapes si ... Read more
-
Help Net Security
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are ... Read more
-
TheCyberThrone
Velvet Ant APT exploits Cisco bug CVE-2024-20399
Security researchers discovered that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices.Last month, C ... Read more
-
TheCyberThrone
SolarWinds fixes CVE-2024-28987 in WHD Product
SolarWinds has released an update to a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated attackers to gain unauthorized access to vulnerable instances.The v ... Read more
-
TheCyberThrone
Sonicwall fixes CVE-2024-40766 in SonicOS
SonicWall has released patch for a critical vulnerability affecting their SonicOS and could allow unauthorized access to SonicWall firewalls, potentially leading to a complete system compromise.The v ... Read more
-
Dark Reading
Patch Now: Second SolarWinds Critical Bug in Web Help Desk
Source: SOPA Images LimitedFor the second week in a row, SolarWinds has released a patch for a critical vulnerability in its IT help and ticketing software, Web Help Desk (WHD).According to its latest ... Read more
-
Help Net Security
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the compa ... Read more
-
The Register
SolarWinds left critical hardcoded credentials in its Web Help Desk product
SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sen ... Read more
-
The Hacker News
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
Vulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized acc ... Read more
-
security.nl
SolarWinds-software kwetsbaar door aanwezigheid hardcoded credential
De helpdesksoftware van SolarWinds is kwetsbaar door de aanwezigheid van een hardcoded credential, waardoor een ongeauthenticeerde aanvaller toegang tot het systeem kan krijgen en data kan aanpassen. ... Read more
-
BleepingComputer
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. Web Help Desk (WHD) is an IT help desk soft ... Read more
-
Cybersecurity News
CVE-2024-28000 in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours
A critical security vulnerability in the widely used LiteSpeed Cache plugin for WordPress has come under active exploitation, with over 30,000 attack attempts blocked in just the past 24 hours, accord ... Read more
-
Cybersecurity News
SolarWinds Web Help Desk Hit by Critical Vulnerability (CVE-2024-28987)
SolarWinds has issued an urgent security advisory for its Web Help Desk (WHD) software, warning of a critical hardcoded credential vulnerability (CVE-2024-28987) that poses a significant risk to organ ... Read more
The following table lists the changes that have been made to the
CVE-2024-28987 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Received by [email protected]
Aug. 21, 2024
Action Type Old Value New Value Added Description The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. Added Reference SolarWinds https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987 [No types assigned] Added Reference SolarWinds https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2 [No types assigned] Added CWE SolarWinds CWE-798 Added CVSS V3.1 SolarWinds AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-28987 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-28987
weaknesses.