Lucene search
+L

32 matches found

nessus
nessus
added 2025/04/16 12:0 a.m.6 views

Progress WhatsUp Gold < 24.0.3 Database Manipulation (CVE-2025-2572)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.3. It is, therefore, affected by a database manipulation vulnerability: - In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the...

5.6CVSS5.6AI score0.00228EPSS
Exploits0References3
thn
thn
added 2025/03/04 4:39 a.m.32 views

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of...

9.8CVSS9.7AI score0.99288EPSS
Exploits8
nessus
nessus
added 2025/01/17 12:0 a.m.14 views

Progress WhatsUp Gold < 24.0.2 Multiple Vulnerabilities (000273323)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.2. It is, therefore, affected by multiple vulnerabilities: - In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. CVE-2024-12108 - In WhatsUp...

9.6CVSS7.8AI score0.42369EPSS
Exploits0References4
talos
talos
added 2025/01/08 12:0 a.m.38 views

Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability

Talos Vulnerability Report TALOS-2024-2089 Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability January 8, 2025 CVE Number CVE-2024-12105 SUMMARY A path traversal vulnerability exists in the handling of SnmpExtendedActiveMonitor requests in Progress WhatsUp Gold 24.0.1 Bui...

6.5CVSS6.4AI score0.42369EPSS
Exploits0
cnnvd
cnnvd
added 2024/12/31 12:0 a.m.5 views

Progress Software WhatsUp Gold 访问控制错误漏洞

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. An Access Control Error vulnerability exists in Progress Software WhatsUp Gold versions...

9.4CVSS6.6AI score0.09442EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/10/24 12:0 a.m.4 views

PT-2024-38566 · Progress · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Progress Software WhatsUp Gold versions prior to 2024.0.0 Description: The issue is related to an Authentication Bypass, allowing an attacker to obtain encrypted user credentials. This is due to a Missing Authentication vulnerability in the...

9.8CVSS7.1AI score0.00621EPSS
Exploits0References7
cisa
cisa
added 2024/09/16 12:0 p.m.17 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461link is external Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670link is external Progress WhatsUp Gold SQL Injection Vulnerability...

9.8CVSS10AI score0.94661EPSS
In wildExploits2References7
cisa_kev
cisa_kev
added 2024/09/16 12:0 a.m.29 views

Progress WhatsUp Gold SQL Injection Vulnerability

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

9.8CVSS8.4AI score0.94661EPSS
In wildExploits2
thn
thn
added 2024/09/13 11:4 a.m.44 views

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept PoC exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...

10CVSS8.2AI score0.99984EPSS
Exploits35
vulncheck_kev
vulncheck_kev
added 2024/09/12 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-6670

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

9.8CVSS5.9AI score0.94661EPSS
Exploits2References1
ncsc
ncsc
added 2024/09/02 11:51 a.m.6 views

Vulnerabilities fixed in Progress WhatsUp Gold

Progress has fixed vulnerabilities in WhatsUp Gold. A malicious party can exploit the vulnerabilities to retrieve or change the password of the application user in a Single User installation, or in a Multi User installation to change the password of a user with elevated privileges through an...

9.8CVSS7.6AI score0.94661EPSS
Exploits2References1
githubexploit
githubexploit
added 2024/08/30 5:13 p.m.865 views

Exploit for SQL Injection in Progress Whatsup_Gold

CVE-2024-6670 PoC for Progress Software WhatsUp Gold HasErrors...

9.8CVSS10AI score0.94661EPSS
Exploits2
nessus
nessus
added 2024/08/27 12:0 a.m.34 views

Progress WhatsUp Gold < 24.0.0 Multiple Vulnerabilities (000263015)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 000263015 advisory: - In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQ...

9.8CVSS9.1AI score0.94661EPSS
Exploits2References5
nessus
nessus
added 2024/08/09 12:0 a.m.7 views

Progress WhatsUp Gold Detection

Binary data progresswhatsupgolddetect.nbin...

7.3AI score
Exploits0References1
nessus
nessus
added 2024/08/09 12:0 a.m.41 views

Progress WhatsUp Gold File Upload RCE (CVE-2024-4884)

Binary data progresswhatsupgoldcve-2024-4884.nbin...

9.8CVSS9.7AI score0.24306EPSS
Exploits0References2
nessus
nessus
added 2024/08/07 12:0 a.m.31 views

Progress WhatsUp Gold < 23.1.3 Multiple Vulnerabilities (000258130)

The version of Progress WhatsUp Gold installed on the remote host is prior to 23.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 000258130 advisory, including: - In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress...

9.8CVSS9.1AI score0.99288EPSS
Exploits5References16
githubexploit
githubexploit
added 2024/07/08 12:15 p.m.476 views

Exploit for Improper Privilege Management in Progress Whatsup_Gold

CVE-2024-5009 PoC for Progress WhatsUp Gold SetAdminPassword P...

8.4CVSS10AI score0.1503EPSS
Exploits2
githubexploit
githubexploit
added 2024/07/08 12:14 p.m.678 views

Exploit for Path Traversal in Progress Whatsup_Gold

CVE-2024-4885 PoC for CVE-2024-4885 Progress WhatsUp Gold GetF...

9.8CVSS10AI score0.99288EPSS
Exploits1
githubexploit
githubexploit
added 2024/07/08 12:14 p.m.423 views

Exploit for Code Injection in Progress Whatsup_Gold

CVE-2024-4883 PoC for CVE-2024-4883 Progress WhatsUp Gold Writ...

9.8CVSS7.4AI score0.64779EPSS
Exploits1
nvd
nvd
added 2024/06/25 8:15 p.m.37 views

CVE-2024-4883

In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe...

9.8CVSS0.64779EPSS
Exploits1References2
Rows per page
Query Builder