Authenticated Remote Code Execution in Web Help Desk 12.7.8

(CVE-2021-35254)

Summary

SolarWinds received a report of a vulnerability related to an input that was not sanitized in Web Help Desk.
SolarWinds has removed this input field to prevent the misuse of this input in the future.

Affected Products

Web Help Desk versions 12.7.8 and earlier

Fixed Software Release

Web Help Desk 12.7.8 HF1

Advisory Details

Severity

8.2 High

Advisory ID

CVE-2021-35254

First Published

03/24/2022

Last Updated

03/24/2022

Version

Web Help Desk 12.7.8 HF1