CVE-2024-4885 Scanner
CVE-2024-4885 Scanner - Remote Code Execution vulnerability in Progress Software WhatsUp Gold
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
Progress Software WhatsUp Gold is widely used in network management to monitor the performance of applications, devices, and services. It helps IT administrators track the uptime and response times of servers, routers, and other network components. This product is deployed in various industries, including healthcare, finance, and education, where maintaining optimal network performance is critical. WhatsUp Gold allows users to set up alerts and notifications for network performance anomalies. It is popular for its user-friendly interface and comprehensive monitoring capabilities.
The vulnerability allows remote attackers to execute arbitrary code in the affected WhatsUp Gold software without the need for authentication. It is caused by improper validation of a user-supplied path in the GetFileWithoutZip method, which can be exploited by attackers. This issue can lead to a complete compromise of the targeted system. Once exploited, the attacker can gain full control over the system in the context of the service account.
This vulnerability lies in the GetFileWithoutZip method of the WhatsUp Gold software, where user-supplied paths are not properly validated. Attackers can exploit this flaw by sending malicious paths through HTTP POST requests, leading to directory traversal and ultimately executing arbitrary code. The SOAPAction parameter in the RecurringReport API call can be manipulated to interact with critical file directories. As a result, attackers can execute commands and gain unauthorized access to sensitive system areas. The root cause is improper sanitization of file paths used in file operations.
If exploited, this vulnerability can allow attackers to execute arbitrary code and potentially take full control of the affected system. This may lead to data breaches, disruption of network services, or unauthorized system access. Attackers could use this to move laterally across the network, exfiltrate sensitive data, or deploy malware. In critical environments, this can result in severe operational downtime and financial losses.
S4E offers a comprehensive vulnerability scanning service that helps you proactively manage cyber threats. With continuous monitoring and automated alerts, the platform ensures that vulnerabilities like RCE are identified before they can be exploited. Join the SecurityforEveryone platform to benefit from an intuitive dashboard, detailed vulnerability reporting, and expert guidance on remediation. Our platform simplifies cybersecurity for organizations of all sizes, giving you peace of mind knowing your digital assets are secure. Become a member today and enhance your security posture with real-time threat intelligence.
References: