CVE-2024-28986 PoC — SolarWinds Web Help Desk 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-28986.yaml

Associated Vulnerability

Title:SolarWinds Web Help Desk 代码问题漏洞 (CVE-2024-28986)
Description:SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk 12.8.3及之前版本存在代码问题漏洞，该漏洞源于容易受到Java反序列化远程代码执行的攻击，从而允许访问主机上运行的命令。

Description

SolarWinds Web Help Desk before version 12.8.3 contain a critical Java deserialization vulnerability that enables remote code execution. Attackers can exploit this flaw to execute arbitrary commands on the host machine. Initially reported as unauthenticated, SolarWinds was unable to reproduce without authentication but still recommended immediate patching. With a CVSS score of 9.8, this vulnerability was discovered by Inmarsat Government researchers and added to CISA's Known Exploited Vulnerabilities Catalog due to active exploitation in the wild. The complete attack vector requires low complexity and has high impact on confidentiality, integrity, and availability. This vulnerability was later bypassed, leading to CVE-2024-28988 and subsequently CVE-2025-26399. Fixed in version 12.8.3 Hotfix 1.

File Snapshot


 id: CVE-2024-28986

info:
  name: SolarWinds Web Help Desk < 12.8.3 - Insecure Deserialization
  aut

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!