Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress whatsup gold vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6595
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate ancillary credential information stored within WhatsUp Gold.
Progress Whatsup Gold
1 Github repository
NA
CVE-2023-6366
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted paylo...
Progress Whatsup Gold
NA
CVE-2023-35759
In Progress WhatsUp Gold prior to 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progress Whatsup Gold
NA
CVE-2023-6364
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the craft...
Progress Whatsup Gold
NA
CVE-2023-6365
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted pay...
Progress Whatsup Gold
NA
CVE-2023-6367
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the...
Progress Whatsup Gold
NA
CVE-2023-6368
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate information related to a registered device being monitored by WhatsUp Gold.
Progress Whatsup Gold
NA
CVE-2022-42711
In Progress WhatsUp Gold prior to 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser.
Progress Whatsup Gold
5
CVSSv2
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
4
CVSSv2
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold 21.1.0
Ipswitch Whatsup Gold 21.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »