CVE-2024-4885
Progress WhatsUp Gold GetFileWithoutZip Directory Traversal (CVE-2024-4885) allows unauthenticated remote code execution. The flaw stems from unvalidated user-supplied paths used in file operations within GetFileWithoutZip, enabling commands to run with iisapppool\nmconsole/service account privil...