32 matches found
EUVD-2025-206248
Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows REST API modules.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10...
CVE-2024-5017
In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A specially crafted unauthenticated HTTP request to AppProfileImport can lead can lead to information disclosure...
CVE-2024-5013
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application non-accessible...
CVE-2024-5015
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI.Areas.Wug.Controllers.SessionControler.Update allows a low privileged user to chain this SSRF with an Improper Access Control vulnerability. This can be used to escalate privileges to Admin...
CVE-2024-5011
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service...
EUVD-2024-46282
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE using Apm.UI.Areas.APM.Controllers.Api.Applications.AppProfileImportController...
Progress Software WhatsUp Gold Security Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...
PT-2024-33960 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: An unauthenticated Denial of Service issue was identified, allowing an unauthenticated attacker to put the application into the SetAdminPassword installation step. This renders the...
Progress Software WhatsUp Gold Security Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...
PT-2024-33982 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue involves an authenticated Server-Side Request Forgery SSRF vulnerability in the Wug.UI.Areas.Wug.Controllers.SessionControler.Update function. This vulnerability can be chained wi...
PT-2024-33991 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue allows for Remote Code Execution as SYSTEM by exploiting Distributed Edition installations using a deserialization tool. The vulnerability exists in the main message processing...
Progress Software WhatsUp Gold Security Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...
PT-2024-33942 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue is related to an uncontrolled resource consumption vulnerability. A specially crafted unauthenticated HTTP request to the "TestController Chart" functionality can lead to denial o...
Progress Software WhatsUp Gold Security Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...
PT-2024-33971 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: A Server Side Request Forgery issue exists in the GetASPReport feature, allowing any authenticated user to retrieve ASP reports from an HTML form. Recommendations: For versions prior to...
Progress Software WhatsUp Gold Security Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...
PT-2024-34013 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue allows for an unauthenticated Path Traversal, enabling the reading of any file from the application's web-root directory. This is due to a vulnerability in the...
PT-2024-33246 · Progress · Progress Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Progress WhatsUp Gold versions prior to 2023.1.3 Description: A Remote Code Execution issue exists in Progress WhatsUp Gold, allowing an unauthenticated attacker to achieve Remote Code Execution as a service account through NmApi.exe...
PT-2024-33953 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue is related to a missing authentication vulnerability in WUGDataAccess.Credentials. This allows unauthenticated attackers to disclose Windows Credentials stored in the product...
PT-2024-34023 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue allows for an unauthenticated Arbitrary File Read, which exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This allows reading of any file with iisapppoolNmConso...