Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch whatsup gold vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0799
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote malicious users to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 8.03 Hotfix 1
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 7.03
Ipswitch Whatsup Gold 7.04
7.5
CVSSv2
CVE-2004-0798
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold prior to 8.03 Hotfix 1 allows remote malicious users to execute arbitrary code via a long instancename parameter.
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 7.04
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 7.03
2 EDB exploits
4
CVSSv2
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold 21.1.0
Ipswitch Whatsup Gold 21.1.1
5
CVSSv2
CVE-2022-29846
In Progress Ipswitch WhatsUp Gold 16.1 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to obtain the WhatsUp Gold installation serial number.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
5
CVSSv2
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
4
CVSSv2
CVE-2022-29848
In Progress Ipswitch WhatsUp Gold 17.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Ipswitch Whatsup Gold
Ipswitch Whatsup Gold 22.0.0
6.5
CVSSv2
CVE-2015-6004
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.
Ipswitch Whatsup Gold
3.5
CVSSv2
CVE-2015-6005
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow M...
Ipswitch Whatsup Gold
6.5
CVSSv2
CVE-2016-1000000
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
Ipswitch Whatsup Gold
7.5
CVSSv2
CVE-2018-8938
A Code Injection issue exists in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.
Ipswitch Whatsup Gold
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »