Important Security Vulnerability in WhatsUp Gold under Attack


An important security vulnerability affecting Progress Software's WhatsUp Gold is under ongoing exploitation attempts, so users need to move quickly to update to the most recent version.

The vulnerability in question is CVE-2024-4885 (CVSS score: 9.8), which affects versions of the network monitoring application released prior to 2023.1.3 and allows for unauthenticated remote code execution.

In a late June 2024 advisory, the company stated, “The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\\mconsole privileges.”

The vulnerability, according to security researcher Sina Kheirkhah of the Summoning Team, is in the way the GetFileWithoutZip method is implemented; it doesn’t sufficiently validate user-supplied paths before using them.

This behavior could be used by an attacker to run code within the context of the service account. Since then, Kheirkhah has made available a proof-of-concept (PoC) exploit.

The Shadowserver Foundation says it has observed attempts to exploit the vulnerability since August 1, 2024. “Starting August 1st, we see /NmAPI/RecurringReport CVE-2024-4885 exploitation callback attempts (so far, 6 src IPs),” it said in a post on X.

Two further serious vulnerabilities, CVE-2024-4883 and CVE-2024-4884 (CVSS scores: 9.8), which also allow for unauthenticated remote code execution via NmApi.exe, are fixed in WhatsUp Gold version 2023.1.3.

Progress Software also fixes a high-severity privilege escalation vulnerability (CVE-2024-5009, CVSS score: 8.4) that makes use of the SetAdminPassword method to enable local attackers to escalate their privileges on compromised installations.

Because threat actors frequently exploit vulnerabilities in Progress Software products, it is crucial for administrators to apply the most recent security updates and to permit traffic only from trusted IP addresses.
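As an added example (not from Progress Software or Shadowserver), the following check scans IIS logs for requests to the `/NmAPI/RecurringReport` path from clients outside a trusted allowlist. It assumes W3C extended logging with `cs-uri-stem` and `c-ip` enabled; the function name, the trusted ranges and the sample log lines are constructed for illustration.

```python
import ipaddress

# Path named in the Shadowserver post; IIS treats URL paths case-insensitively.
WATCHED_PREFIX = "/nmapi/recurringreport"

# Constructed sample in IIS W3C extended format (documentation-range addresses).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2024-08-01 10:02:11 10.0.0.5 POST /NmAPI/RecurringReport - 443 - 203.0.113.7 python-requests/2.31 200
2024-08-01 10:05:40 10.0.0.5 GET /NmConsole/ - 443 admin 10.0.0.23 Mozilla/5.0 200
2024-08-01 10:09:02 10.0.0.5 POST /nmapi/recurringreport/ - 443 - 10.0.0.23 Mozilla/5.0 200
2024-08-02 03:14:55 10.0.0.5 POST /NmAPI/RecurringReport - 443 - 198.51.100.44 curl/8.4.0 500
"""

def find_untrusted_hits(log_text, trusted_cidrs):
    """Return (date, time, client_ip, method, status) for each request to the
    watched path whose client address is outside every trusted network."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # truncated or malformed record
        row = dict(zip(fields, parts))
        if not row.get("cs-uri-stem", "").lower().startswith(WATCHED_PREFIX):
            continue
        try:
            client = ipaddress.ip_address(row.get("c-ip", ""))
        except ValueError:
            continue  # c-ip missing or not an address
        if not any(client in net for net in trusted):
            hits.append((row["date"], row["time"], str(client),
                         row.get("cs-method"), row.get("sc-status")))
    return hits

if __name__ == "__main__":
    # Assumed allowlist: the management subnet that should reach the server.
    for hit in find_untrusted_hits(SAMPLE_LOG, ["10.0.0.0/24"]):
        print("untrusted request to RecurringReport:", hit)
```

A hit shows only that the endpoint was reachable from an untrusted address, which is the exposure the allowlisting advice is meant to close; it does not by itself show that exploitation succeeded.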
