CRITICAL🇵🇱 Wersja polska

CVE-2024-8785

CVSS 9.8v3.1pub. 2024-12-02upd. 2024-12-09

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.

🤖 AI Analysis
How it works

An attacker can remotely, without any authentication, send requests to the NmAPI.exe process running within WhatsUp Gold. Through this component it is possible to create new or modify existing values in the registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\. The vulnerability is classified as improper privilege use (CWE-648), which means the component operates in the context of privileges allowing writing to the system registry without verification of the caller's identity.

Impact

An attacker can modify application or system configuration stored in the registry, which consequently may lead to takeover of control over the environment, privilege escalation, or disruption of network monitoring system operation.

Mitigation & patch

Progress WhatsUp Gold should be updated to version 2024.0.1 or newer. Detailed information is available in the vendor's security bulletin (Progress WhatsUp Gold Security Bulletin, September 2024) and in the Release Notes for version 2024.0.

Who is affected

Progress WhatsUp Gold in all versions released before 2024.0.1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Progress Whatsup Gold

    APP
    Progress
    < 24.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-6670CRITICAL9.8⚠ KEVPL ✓ten sam produkt

SQL Injection w Progress WhatsUp Gold — kradzież zaszyfrowanych haseł

CVE-2024-4885CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Progress WhatsUp Gold – nieuwierzytelniony RCE przez path traversal

CVE-2024-12106CRITICAL9.4PL ✓ten sam produkt

Progress WhatsUp Gold — nieautoryzowana konfiguracja ustawień LDAP

CVE-2024-12108CRITICAL9.6PL ✓ten sam produkt

Progress WhatsUp Gold — nieautoryzowany dostęp do serwera przez publiczne API

CVE-2024-46909CRITICAL9.8PL ✓ten sam produkt

Zdalne wykonanie kodu w Progress WhatsUp Gold (RCE bez uwierzytelnienia)