Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.6 views

Progress WhatsUp Gold < 24.0.3 Database Manipulation (CVE-2025-2572)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.3. It is, therefore, affected by a database manipulation vulnerability: - In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the...

5.6CVSS5.6AI score0.00228EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/03/04 4:39 a.m.32 views

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of...

9.8CVSS9.7AI score0.99288EPSS
Exploits8
CISA
CISA
added 2025/03/03 12:0 p.m.16 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118link is external Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939link is external Hitachi Vantara Pentaho BA Server...

9.8CVSS7.7AI score0.99288EPSS
In wildExploits8References10
Tenable Nessus
Tenable Nessus
added 2025/01/17 12:0 a.m.14 views

Progress WhatsUp Gold < 24.0.2 Multiple Vulnerabilities (000273323)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.2. It is, therefore, affected by multiple vulnerabilities: - In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. CVE-2024-12108 - In WhatsUp...

9.6CVSS7.8AI score0.42369EPSS
Exploits0References4
Talos
Talos
added 2025/01/08 12:0 a.m.38 views

Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability

Talos Vulnerability Report TALOS-2024-2089 Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability January 8, 2025 CVE Number CVE-2024-12105 SUMMARY A path traversal vulnerability exists in the handling of SnmpExtendedActiveMonitor requests in Progress WhatsUp Gold 24.0.1 Bui...

6.5CVSS6.4AI score0.42369EPSS
Exploits0
CNNVD
CNNVD
added 2024/12/31 12:0 a.m.4 views

Progress Software WhatsUp Gold 访问控制错误漏洞

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. An Access Control Error vulnerability exists in Progress Software WhatsUp Gold versions...

9.4CVSS6.6AI score0.09442EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.4 views

PT-2024-38566 · Progress · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Progress Software WhatsUp Gold versions prior to 2024.0.0 Description: The issue is related to an Authentication Bypass, allowing an attacker to obtain encrypted user credentials. This is due to a Missing Authentication vulnerability in the...

9.8CVSS7.1AI score0.00621EPSS
Exploits0References7
CISA
CISA
added 2024/09/16 12:0 p.m.17 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461link is external Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670link is external Progress WhatsUp Gold SQL Injection Vulnerability...

9.8CVSS10AI score0.94661EPSS
In wildExploits2References7
CISA KEV Catalog
CISA KEV Catalog
added 2024/09/16 12:0 a.m.28 views

Progress WhatsUp Gold SQL Injection Vulnerability

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

9.8CVSS8.4AI score0.94661EPSS
In wildExploits2
The Hacker News
The Hacker News
added 2024/09/13 11:4 a.m.44 views

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept PoC exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...

10CVSS8.2AI score0.99984EPSS
Exploits35
VulnCheck KEV
VulnCheck KEV
added 2024/09/12 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-6670

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

9.8CVSS5.9AI score0.94661EPSS
Exploits2References1
NCSC
NCSC
added 2024/09/02 11:51 a.m.5 views

Vulnerabilities fixed in Progress WhatsUp Gold

Progress has fixed vulnerabilities in WhatsUp Gold. A malicious party can exploit the vulnerabilities to retrieve or change the password of the application user in a Single User installation, or in a Multi User installation to change the password of a user with elevated privileges through an...

9.8CVSS7.6AI score0.94661EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2024/08/30 5:13 p.m.864 views

Exploit for SQL Injection in Progress Whatsup_Gold

CVE-2024-6670 PoC for Progress Software WhatsUp Gold HasErrors...

9.8CVSS10AI score0.94661EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/08/27 12:0 a.m.34 views

Progress WhatsUp Gold < 24.0.0 Multiple Vulnerabilities (000263015)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 000263015 advisory: - In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQ...

9.8CVSS9.1AI score0.94661EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/08/09 12:0 a.m.7 views

Progress WhatsUp Gold Detection

Binary data progresswhatsupgolddetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/08/09 12:0 a.m.40 views

Progress WhatsUp Gold File Upload RCE (CVE-2024-4884)

Binary data progresswhatsupgoldcve-2024-4884.nbin...

9.8CVSS9.7AI score0.24306EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/07 12:0 a.m.31 views

Progress WhatsUp Gold < 23.1.3 Multiple Vulnerabilities (000258130)

The version of Progress WhatsUp Gold installed on the remote host is prior to 23.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 000258130 advisory, including: - In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress...

9.8CVSS9.1AI score0.99288EPSS
Exploits5References16
GithubExploit
GithubExploit
added 2024/07/08 12:15 p.m.476 views

Exploit for Improper Privilege Management in Progress Whatsup_Gold

CVE-2024-5009 PoC for Progress WhatsUp Gold SetAdminPassword P...

8.4CVSS10AI score0.1503EPSS
Exploits2
GithubExploit
GithubExploit
added 2024/07/08 12:14 p.m.670 views

Exploit for Path Traversal in Progress Whatsup_Gold

CVE-2024-4885 PoC for CVE-2024-4885 Progress WhatsUp Gold GetF...

9.8CVSS10AI score0.99288EPSS
Exploits1
GithubExploit
GithubExploit
added 2024/07/08 12:14 p.m.422 views

Exploit for Code Injection in Progress Whatsup_Gold

CVE-2024-4883 PoC for CVE-2024-4883 Progress WhatsUp Gold Writ...

9.8CVSS7.4AI score0.64779EPSS
Exploits1
Rows per page
Query Builder