An SSRF issue exists in NmAPI.exe in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ipswitch whatsup gold |