When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

Security researchers have uncovered a critical-severity vulnerability in one of SolarWinds' most popular software products.

The vulnerability is tracked as CVE-2024-28987, and carries a severity score of 9.1/10.

Shadowed hands on a digital background reaching for a login prompt.

Image Credit: Shutterstock

It affects Web Help Desk 12.8.3 HF1 and all previous versions.

The earliest clean version is 12.8.3 HF2.

Hardcoded credentials everywhere

A patch is already available, but it needs to be manually installed.

However, hardcoded credentials are a frequent occurrence.

In March 2024, researchers found that millions of GitHub projects had the same problem.

However, they often forget to remove the secrets before publishing the code.

ViaThe Register

More from TechRadar Pro