Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-28987
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
SolarWinds Web Help Desk Hardcoded Credential Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
SolarWinds Web Help Desk 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk存在信任管理问题漏洞,该漏洞源于受到硬编码凭证漏洞的影响,允许远程未经身份验证的用户访问内部功能并修改数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
SolarWindsWeb Help Desk 12.8.3 Hotfix 1 and previous versions -
II. Public POCs for CVE-2024-28987
#POC DescriptionSource LinkShenlong Link
1Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)https://github.com/fa-rrel/CVE-2024-28987-POCPOC Details
2Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerabilityhttps://github.com/horizon3ai/CVE-2024-28987POC Details
3CVE-2024-28987 Scanner & Exploiter - SolarWinds Web Help Deskhttps://github.com/PlayerFridei/CVE-2024-28987POC Details
4Nonehttps://github.com/HazeLook/CVE-2024-28987POC Details
5Nonehttps://github.com/GordonPol1/CVE-2024-28987POC Details
6Nonehttps://github.com/Jaden1419/CVE-2024-28987POC Details
7Nonehttps://github.com/hatvix1/CVE-2024-28987POC Details
8Nonehttps://github.com/expl0itsecurity/CVE-2024-28987POC Details
9Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)https://github.com/gh-ost00/CVE-2024-28987-POCPOC Details
10The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-28987.yamlPOC Details
11Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerabilityhttps://github.com/alecclyde/CVE-2024-28987POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-28987
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: Web Help Desk
Same vendor: SolarWinds
Same weakness: CWE-798
V. Comments for CVE-2024-28987

No comments yet

Leave a comment