33 matches found
Progress WhatsUp Gold < 24.0.3 Database Manipulation (CVE-2025-2572)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.3. It is, therefore, affected by a database manipulation vulnerability: - In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the...
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118link is external Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939link is external Hitachi Vantara Pentaho BA Server...
Progress WhatsUp Gold < 24.0.2 Multiple Vulnerabilities (000273323)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.2. It is, therefore, affected by multiple vulnerabilities: - In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. CVE-2024-12108 - In WhatsUp...
Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability
Talos Vulnerability Report TALOS-2024-2089 Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability January 8, 2025 CVE Number CVE-2024-12105 SUMMARY A path traversal vulnerability exists in the handling of SnmpExtendedActiveMonitor requests in Progress WhatsUp Gold 24.0.1 Bui...
Progress Software WhatsUp Gold 访问控制错误漏洞
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. An Access Control Error vulnerability exists in Progress Software WhatsUp Gold versions...
PT-2024-38566 · Progress · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Progress Software WhatsUp Gold versions prior to 2024.0.0 Description: The issue is related to an Authentication Bypass, allowing an attacker to obtain encrypted user credentials. This is due to a Missing Authentication vulnerability in the...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461link is external Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670link is external Progress WhatsUp Gold SQL Injection Vulnerability...
Progress WhatsUp Gold SQL Injection Vulnerability
Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...
Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
Malicious actors are likely leveraging publicly available proof-of-concept PoC exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...
VulnCheck KEV: CVE-2024-6670
Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...
Vulnerabilities fixed in Progress WhatsUp Gold
Progress has fixed vulnerabilities in WhatsUp Gold. A malicious party can exploit the vulnerabilities to retrieve or change the password of the application user in a Single User installation, or in a Multi User installation to change the password of a user with elevated privileges through an...
Exploit for SQL Injection in Progress Whatsup_Gold
CVE-2024-6670 PoC for Progress Software WhatsUp Gold HasErrors...
Progress WhatsUp Gold < 24.0.0 Multiple Vulnerabilities (000263015)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 000263015 advisory: - In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQ...
Progress WhatsUp Gold Detection
Binary data progresswhatsupgolddetect.nbin...
Progress WhatsUp Gold File Upload RCE (CVE-2024-4884)
Binary data progresswhatsupgoldcve-2024-4884.nbin...
Progress WhatsUp Gold < 23.1.3 Multiple Vulnerabilities (000258130)
The version of Progress WhatsUp Gold installed on the remote host is prior to 23.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 000258130 advisory, including: - In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress...
Exploit for Improper Privilege Management in Progress Whatsup_Gold
CVE-2024-5009 PoC for Progress WhatsUp Gold SetAdminPassword P...
Exploit for Path Traversal in Progress Whatsup_Gold
CVE-2024-4885 PoC for CVE-2024-4885 Progress WhatsUp Gold GetF...
Exploit for Code Injection in Progress Whatsup_Gold
CVE-2024-4883 PoC for CVE-2024-4883 Progress WhatsUp Gold Writ...