https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>
Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CommunityController class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the service account.
This vulnerability has a CVSS v3.1 base score of 9.8 out of 10, categorized as HIGH severity. It allows for remote code execution without requiring authentication or user interaction. The attack vector is through the network with low attack complexity. If exploited, it can lead to a complete compromise of system confidentiality, integrity, and availability. Attackers can execute arbitrary commands with iisapppool\nmconsole privileges, potentially resulting in full system compromise, data theft, service disruption, and use of the affected system as a launch point for further attacks.
One proof-of-concept exploit is available on zerodayinitiative.com. There is no evidence of proof of exploitation at the moment.
Progress Software has issued an update to correct this vulnerability. The vulnerability has been addressed in WhatsUp Gold version 2023.1.3 and later.
1. Immediate patching: Update WhatsUp Gold to version 2023.1.3 or later as soon as possible. 2. Network segmentation: Restrict network access to the WhatsUp Gold application, especially from untrusted networks. 3. Implement strong access controls: Even though the vulnerability is exploitable without authentication, implementing robust authentication and authorization mechanisms can help limit potential damage. 4. Monitor for suspicious activities: Implement and monitor logs for any unusual command executions or network activities related to the WhatsUp Gold application. 5. Apply the principle of least privilege: Ensure that the application and its components run with the minimum necessary privileges. 6. Regular security assessments: Conduct frequent vulnerability scans and penetration tests to identify and address potential security issues promptly.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD published the first details for CVE-2024-4884
Feedly found the first article mentioning CVE-2024-4884. See article
Feedly estimated the CVSS score as HIGH
This CVE started to trend in security discussions
EPSS Score was set to: 0.04% (Percentile: 9.7%)
This CVE stopped trending in security discussions
Detection for the vulnerability has been added to Nessus (205145)
Detection for the vulnerability has been added to Qualys (380292)