漏洞平台

POC详情： 02b024a1c1447b899b4bcd6112922e672fb21cda

来源

https://github.com/rxerium/CVE-2025-26399

关联漏洞

标题： SolarWinds Web Help Desk 代码问题漏洞 (CVE-2025-26399)
描述：SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk存在代码问题漏洞，该漏洞源于未经验证的AjaxProxy反序列化问题，可能导致远程代码执行。

描述

Detection for CVE-2025-26399

介绍

# CVE-2025-26399

## How does this detection method work?

This script detects SolarWinds Web Help Desk instances vulnerable to CVE-2025-26399 by requesting the Helpdesk login page, confirming product identifiers in the response, extracting the embedded build token as a version string, and flagging systems running versions earlier than 12.8.7.0.

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

## References

- https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26399
- https://nvd.nist.gov/vuln/detail/CVE-2025-26399


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Share This Project

<div align="center">
  <a href="https://twitter.com/intent/tweet?text=Check%20out%20this%20CVE%20detection%20template%20by%20@rxerium!&url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/🐦%20Share%20on-Twitter-lightgrey?style=flat&logo=twitter&logoColor=1DA1F2" alt="Share on Twitter"/>
  </a>
  <a href="https://www.linkedin.com/sharing/share-offsite/?url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/💼%20Share%20on-LinkedIn-lightgrey?style=flat&logo=linkedin&logoColor=0077B5" alt="Share on LinkedIn"/>
  </a>
  <a href="mailto:?subject=CVE%20Detection%20Template&body=Check%20out%20this%20interesting%20CVE%20detection%20template%20by%20rxerium:%20https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/%20Share%20via-Email-lightgrey?style=flat&logo=gmail&logoColor=D14836" alt="Share via Email"/>
  </a>
</div>

---

## Contact

Feel free to reach out via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.

文件快照


 [4.0K]  /data/pocs/02b024a1c1447b899b4bcd6112922e672fb21cda
├── [1.4K]  CVE-2025-26339.yaml
└── [2.0K]  README.md

0 directories, 2 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。