Shodan
Vulnerabilities
Vulnerable Software
Progress:  >> Whatsup Gold  Security Vulnerabilities
CVE-2025-2572
In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-04-14
CVE-2024-12105
In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-12-31
CVE-2024-12106
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
CVSS Score
9.4
EPSS Score
0.018
Published
2024-12-31
CVE-2024-12108
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.
CVSS Score
9.6
EPSS Score
0.01
Published
2024-12-31
CVE-2024-46909
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
CVSS Score
9.8
EPSS Score
0.032
Published
2024-12-02
CVE-2024-8785
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-02
CVE-2024-46905
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
CVSS Score
8.8
EPSS Score
0.034
Published
2024-12-02
CVE-2024-46906
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score
8.8
EPSS Score
0.059
Published
2024-12-02
CVE-2024-46907
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score
8.8
EPSS Score
0.029
Published
2024-12-02
CVE-2024-46908
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score
8.8
EPSS Score
0.034
Published
2024-12-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved