Reddit
SolarWinds Web Help Desk Pre-Auth RCE Vulnerability Disclosed
First seen 25 Feb 2026, 21:11 UTC
•
•92% similarity
•48.7
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
CVE-2024-28988 is a pre-auth deserialization remote code execution vulnerability in SolarWinds Web Help Desk. It was reported through the Zero Day Initiative and disclosed in October 2024, but remained unpatched until September 2025, affecting users of the software. The vulnerability allows unauthorized access to systems using the affected software.
ThreatCluster AI
Timeline
2024-10-01
CVE-2024-28988 disclosed
2025-09-01
CVE-2024-28988 published
2026-02-25
Articles published discussing the vulnerability