CVE-2024-4885

WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability

CVSS 9.8 CRITICAL · EPSS 99.3% · KEV · CWE-22
In short

A flaw in the WhatsUp Gold file export feature lets attackers run commands on the server without logging in. This is critical because it gives attackers complete control of the affected system.

Technical detail

The GetFileWithoutZip method in WhatsUp.ExportUtilities.Export is vulnerable to directory traversal (CWE-22), permitting unauthenticated remote code execution with iisapppool\nmconsole privileges. The vulnerability stems from insufficient path validation in file handling operations, which allows arbitrary command execution on the server.

Summary generated and translated by AI from the official description.
In WhatsUp Gold versions released before 2023.1.3, there is an unauthenticated Remote Code Execution vulnerability in Progress WhatsUp Gold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip method allows execution of commands with iisapppool\nmconsole privileges.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H