https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>
Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WriteDataFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account.
The impact of this vulnerability is severe. An unauthenticated attacker can execute arbitrary code on the affected system with the privileges of the service account. This could lead to complete system compromise, including unauthorized access to sensitive data, system modification, and potential lateral movement within the network. The vulnerability has high impacts on confidentiality, integrity, and availability, as indicated by the CVSS v3.1 base score of 9.8 (Critical).
Multiple proof-of-concept exploits are available on github.com, zerodayinitiative.com. There is no evidence of proof of exploitation at the moment.
Progress Software has issued an update to correct this vulnerability. Users should upgrade to WhatsUp Gold version 2023.1.3 or later to address this vulnerability.
1. Immediately update Progress WhatsUp Gold to version 2023.1.3 or later. 2. If immediate patching is not possible, consider isolating or restricting network access to the WhatsUp Gold instance, especially the NmApi.exe component. 3. Monitor for any suspicious activities or unauthorized access attempts related to the WhatsUp Gold service. 4. Implement strong network segmentation to limit potential impact if exploitation occurs. 5. Regularly review and minimize service account privileges to reduce the potential impact of exploitation.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD published the first details for CVE-2024-4883
Feedly found the first article mentioning CVE-2024-4883. See article
This CVE started to trend in security discussions
EPSS Score was set to: 0.04% (Percentile: 9.7%)
This CVE stopped trending in security discussions
Detection for the vulnerability has been added to Nessus (205145)
Detection for the vulnerability has been added to Qualys (380292)