-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Add SolarWinds Web Help Desk version detection module #1506
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
Aarush289
wants to merge
22
commits into
OWASP:master
Choose a base branch
from
Aarush289:cve_2025_40536
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+51
−0
Open
Changes from 18 commits
Commits
Show all changes
22 commits
Select commit
Hold shift + click to select a range
0cc045d
Merge pull request #4 from OWASP/master
Aarush289 2a32fe2
Merge pull request #8 from OWASP/master
Aarush289 4090ae3
Merge pull request #9 from OWASP/master
Aarush289 2a0b83e
Add FortiWeb authentication bypass vulnerability check
Aarush289 b1ffe4e
Remove FortiWeb auth bypass vulnerability entry
Aarush289 6db5ee7
Fix vulnerability name in wp_plugin_cve_2021_38314.yaml
Aarush289 6fd226a
Rename CVE identifier from 39314 to 39320
Aarush289 03675d5
Merge pull request #10 from OWASP/master
Aarush289 0d3399e
Merge pull request #13 from OWASP/master
Aarush289 ace2db9
Merge pull request #14 from OWASP/master
Aarush289 0711d39
Merge pull request #16 from OWASP/master
Aarush289 0857127
Merge pull request #18 from OWASP/master
Aarush289 44a9ae6
Merge pull request #19 from OWASP/master
Aarush289 95ac772
Merge pull request #20 from OWASP/master
Aarush289 dd080aa
new module added
Aarush289 8ba9258
remove the debug comments
Aarush289 102cdbe
changes of http removed
Aarush289 faf7a59
Merge branch 'master' into cve_2025_40536
Aarush289 b7be1d3
fixed the version regex
Aarush289 daf9bc3
updated the desciption
Aarush289 344e21b
version scan added
Aarush289 d46e258
Merge branch 'master' into cve_2025_40536
Aarush289 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| info: | ||
| name: solarwinds_whd_cve_2025_40536_vuln | ||
| author: Nettacker Team | ||
| severity: 8.1 | ||
| description: | | ||
| Identifies SolarWinds Web Help Desk instances | ||
| by analyzing response content and extracting | ||
| the embedded build version token from resource URLs. | ||
| The detected version is evaluated against the patched | ||
| threshold (12.8.8 HF1) to determine potential exposure. | ||
| This enables passive and safe identification of systems affected by the security control bypass vulnerability. | ||
| reference: | ||
| - https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40536 | ||
| - https://nvd.nist.gov/vuln/detail/CVE-2025-40536 | ||
| profiles: | ||
| - vuln | ||
| - http | ||
| - high_severity | ||
| - cve2025 | ||
| - cve | ||
| - cisa kev | ||
| - solarwinds | ||
| - webhelpdesk | ||
| - passive | ||
|
|
||
| payloads: | ||
| - library: http | ||
| steps: | ||
| - method: get | ||
| timeout: 3 | ||
| headers: | ||
| User-Agent: "{user_agent}" | ||
| Host: "{target}" | ||
| allow_redirects: false | ||
| ssl: false | ||
| url: | ||
| nettacker_fuzzer: | ||
| input_format: "{{schema}}://{target}:{{ports}}/helpdesk/WebObjects/Helpdesk.woa" | ||
| prefix: "" | ||
| suffix: "" | ||
| interceptors: | ||
| data: | ||
| schema: | ||
| - "http" | ||
| - "https" | ||
| ports: | ||
| - 80 | ||
| - 443 | ||
|
|
||
| response: | ||
| condition_type: and | ||
| conditions: | ||
| status_code: | ||
| regex: "200" | ||
| reverse: false | ||
| content: | ||
| regex: "(?s)(?=.*(Web Help Desk Software|SolarWinds WorldWide|/WebObjects/Helpdesk\\.woa))(?=.*\\?v=12_([0-7]|8_[0-7])_[0-9]+_[0-9]+)" | ||
|
coderabbitai[bot] marked this conversation as resolved.
Outdated
|
||
| reverse: false | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.