S4E

CVE-2024-6670 Scanner

CVE-2024-6670 scanner - SQL Injection vulnerability in WhatsUp Gold

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

4 weeks

Scan only one

Domain, IPv4

Toolbox

-

WhatsUp Gold is a network monitoring software used by IT teams and network administrators to monitor network traffic, performance, and availability. It is popular in medium to large enterprises for its capability to offer detailed insights on network activities. The software allows users to configure alerts, automate responses, and monitor servers, devices, and applications in real-time. It's used by various industries, including healthcare, education, and financial institutions. WhatsUp Gold helps in ensuring network reliability and preventing potential downtimes by offering proactive monitoring features.

A SQL Injection vulnerability has been identified in WhatsUp Gold versions before 2024.0.0. This vulnerability allows attackers to inject malicious SQL queries, leading to unauthorized access to sensitive data, such as encrypted user passwords. The vulnerability can be exploited remotely without authentication, making it a critical threat. If exploited, attackers can bypass security measures and gain control over the system.

The vulnerability is located in the "/NmConsole/Platform/PerformanceMonitorErrors/HasErrors" endpoint of WhatsUp Gold. The vulnerable parameter is "classId," where attackers can inject SQL commands to manipulate the database. A crafted SQL payload can retrieve the encrypted password from the "GlobalSettings" table and update the "ProActiveAlert" table with malicious data. The SQL injection flaw allows an attacker to control the database and modify critical user information without needing valid credentials.

If the SQL injection vulnerability is exploited, an attacker can gain full administrative access to the system. This can lead to data theft, including encrypted passwords, unauthorized access to the system, and potentially full compromise of the network monitoring platform. The attacker can also inject malicious commands, tamper with alerts, and disable monitoring systems, causing significant downtime or network vulnerabilities.

By using S4E's platform, you can stay one step ahead of potential cyber threats with continuous monitoring of your digital assets. Gain comprehensive reports and detailed insights on your security posture. Our platform offers easy-to-use scanners to detect critical vulnerabilities like the SQL injection flaw in WhatsUp Gold before attackers exploit them. Protect your business from unauthorized access, data theft, and network compromise. Join now to benefit from our advanced cyber threat exposure management tools.

References:

Get started to protecting your Free Full Security Scan