4 matches found
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...
WhatsUp Gold Credentials Dump
This module exports and decrypts credentials from WhatsUp Gold to a CSV file; it is intended as a post-exploitation module for Windows hosts with WhatsUp Gold installed. The module has been tested on and can successfully decrypt credentials from WhatsUp versions 11.0 to the latest 22.x. Extracted...
CVE-2022-29845
creationtimestamp| type| source ---|---|--- 2022-05-11 22:40:46+00:00| seen| https://t.me/cibsecurity/42439 2023-03-17 21:59:16+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/gather/credentials/whatsupgoldcredentialdump.rb 2025-02-06 03:13:45+00:00|...
CVE-2022-29845
Summary: CVE-2022-29845 affects Progress Ipswitch WhatsUp Gold versions 21.1.0–21.1.1 and 22.0.0. An authenticated user can trigger an API transaction to read the contents of a local file. The Red Hat and CVE CN/CZ records corroborate this issue with the same description. The Metasploit entry sho...