SolarWinds left critical hardcoded credentials in its Web Help Desk product

Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway

SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data…

This article has been indexed from The Register – Security

Read the original article: