The vulnerability exists in the WebObjects request handling mechanism, where improper validation of the 'badparam' parameter allows attackers to bypass authentication controls.

The exploit performs the following steps:

1. Connects to SolarWinds Web Help Desk and retrieves initial session cookies.
2. Searches through headers, cookies, and HTML for the WebObjects session identifier.
3. Accesses a special route with manipulated 'badparam' parameters to test the bypass.
4. Exploits the improperly validated 'badparam' parameter to bypass login and obtain an admin session.
5. Creates a persistent URL that allows direct unauthorized access to the administrative panel.
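
A defender-side check for the behaviour described above, added here as an example and not part of the original entry: it scans web access logs for requests carrying a 'badparam' query parameter and groups them by client. The Combined Log Format, the paths and the addresses are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format (assumed): client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
SUSPECT_PARAM = "badparam"  # parameter name taken from the description above


def suspect_values(target):
    """Return the values of every 'badparam' query parameter in a request target."""
    query = urlsplit(target).query
    # parse_qsl percent-decodes names and values, so the comparison is made on
    # the normalized name; keep_blank_values keeps an empty 'badparam='.
    pairs = parse_qsl(query, keep_blank_values=True)
    return [v for k, v in pairs if k.strip().lower() == SUSPECT_PARAM]


def scan(lines):
    """Group requests that carry the parameter by client address."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        values = suspect_values(m["target"])
        if values:
            hits[m["ip"]].append({"ts": m["ts"], "status": int(m["status"]),
                                  "target": m["target"], "values": values})
    return dict(hits)


# Constructed sample lines; paths and addresses are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2025:10:00:01 +0000] "GET /placeholder/login HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /placeholder/route?badparam=x HTTP/1.1" 302 0',
    '198.51.100.7 - - [01/Jan/2025:10:00:03 +0000] "GET /placeholder/route?a=1&BadParam= HTTP/1.1" 200 900',
    '203.0.113.9 - - [01/Jan/2025:10:05:00 +0000] "GET /placeholder/route?bad%70aram=y HTTP/1.1" 200 900',
    '203.0.113.20 - - [01/Jan/2025:10:06:00 +0000] "GET /placeholder/help?topic=badparam HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, reqs in scan(SAMPLE_LOG).items():
        for r in reqs:
            print(ip, r["ts"], r["status"], r["target"], r["values"])
```

Access logs record only the request line, so a parameter sent in a request body is not visible to this check.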