14 matches found
CVE-2024-4883
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe...
CVE-2024-8785
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch\...
CVE-2024-8785
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch...
CVE-2024-8785
CVE-2024-8785 affects Progress WhatsUp Gold pre-2024.0.1. The vulnerability stems from NmAPI.exe enabling remote unauthenticated actors to create or modify a registry value at HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch, potentially enabling remote code execution. Connected documents confirm...
CVE-2024-8785 WhatsUp Gold Registry Overwrite Remote Code Execution Vulnerability
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch...
CVE-2024-8785 WhatsUp Gold Registry Overwrite Remote Code Execution Vulnerability
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch...
Progress Software WhatsUp Gold 安全漏洞
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold versions prior to...
CVE-2024-4883
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe...
CVE-2024-4883 WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe...
CVE-2024-4883
Progress WhatsUp Gold is affected pre-2023.1.3 by an unauthenticated remote code execution via NmApi.exe (CVE-2024-4883). The root cause involves improper handling/validation in the NmApi surface enabling code execution as the service account. Impact is high (RCE, remote compromise). A PoC/exploi...
CVE-2024-4883 WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe...
Server side request forgery (ssrf)
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 18.0. Malicious actors can submit specially crafted requests via the NmAPI executable to 1 gain unauthorized access to the WhatsUp Gold system, 2 obtain information about the WhatsUp Gold system, or 3 execute remote...
CVE-2018-8939
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 18.0. Malicious actors can submit specially crafted requests via the NmAPI executable to 1 gain unauthorized access to the WhatsUp Gold system, 2 obtain information about the WhatsUp Gold system, or 3 execute remote...
CVE-2018-8939
CVE-2018-8939 describes a Server-Side Request Forgery (SSRF) in NmAPI.exe of Ipswitch WhatsUp Gold, affecting versions prior to 18.0. An attacker can submit specially crafted requests via NmAPI.exe to gain unauthorized access, obtain information about the WhatsUp Gold system, or execute remote co...