Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress whatsup gold vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4561
In WhatsUp Gold versions released prior to 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an malicious user to send arbitrary HTTP requests on behalf of the vulnerable server.
NA
CVE-2024-4562
In WhatsUp Gold versions released prior to 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads t...
NA
CVE-2023-6364
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the craft...
Progress Whatsup Gold
NA
CVE-2023-6365
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted pay...
Progress Whatsup Gold
NA
CVE-2023-6366
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted paylo...
Progress Whatsup Gold
NA
CVE-2023-6367
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the...
Progress Whatsup Gold
NA
CVE-2023-6368
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate information related to a registered device being monitored by WhatsUp Gold.
Progress Whatsup Gold
NA
CVE-2023-6595
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate ancillary credential information stored within WhatsUp Gold.
Progress Whatsup Gold
1 Github repository
NA
CVE-2023-35759
In Progress WhatsUp Gold prior to 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progress Whatsup Gold
NA
CVE-2022-42711
In Progress WhatsUp Gold prior to 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser.
Progress Whatsup Gold
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »