The host is installed with SolarWinds Orion Network Performance Monitor before 12.4 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle an issue in the OrionModuleEngine service. Successful exploitation remote, unauthenticated attackers to connect and call publicly exposed methods and execute commands as the SYSTEM user via the InvokeActionMethod method.