CVE-2024-28987 PoC — SolarWinds Web Help Desk 信任管理问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-28987.yaml

Associated Vulnerability

Title:SolarWinds Web Help Desk 信任管理问题漏洞 (CVE-2024-28987)
Description:SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk存在信任管理问题漏洞，该漏洞源于受到硬编码凭证漏洞的影响，允许远程未经身份验证的用户访问内部功能并修改数据。

Description

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

File Snapshot


 id: CVE-2024-28987

info:
  name: SolarWinds Web Help Desk - Hardcoded Credential
  author: iamnoooo

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!