Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsup gold vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0799
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote malicious users to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 8.03 Hotfix 1
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 7.03
Ipswitch Whatsup Gold 7.04
7.5
CVSSv2
CVE-2004-0798
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold prior to 8.03 Hotfix 1 allows remote malicious users to execute arbitrary code via a long instancename parameter.
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 7.04
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 7.03
2 EDB exploits
4
CVSSv2
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold 21.1.0
Ipswitch Whatsup Gold 21.1.1
5
CVSSv2
CVE-2022-29846
In Progress Ipswitch WhatsUp Gold 16.1 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to obtain the WhatsUp Gold installation serial number.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
5
CVSSv2
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
4
CVSSv2
CVE-2022-29848
In Progress Ipswitch WhatsUp Gold 17.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Ipswitch Whatsup Gold
Ipswitch Whatsup Gold 22.0.0
7.5
CVSSv2
CVE-2018-5777
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow malicious users to execute arbitrary commands on the TFTP server via unspecified vectors.
Ipswitch Whatsup Gold
7.5
CVSSv2
CVE-2018-5778
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow malicious users to execute arbitrary SQL commands via unspecified vectors.
Ipswitch Whatsup Gold
7.5
CVSSv2
CVE-2018-8939
An SSRF issue exists in NmAPI.exe in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3...
Ipswitch Whatsup Gold
NA
CVE-2023-35759
In Progress WhatsUp Gold prior to 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progress Whatsup Gold
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »