A proof-of-concept exploit has been released for CVE-2024-8785, a critical remote code execution vulnerability in Progress WhatsUp Gold, according to BleepingComputer.The flaw is rated 9.8 on the CVSS scale and affects WhatsUp Gold versions from 2023.1.0 to before 24.0.1. It resides in the NmAPI.exe process, which handles network management API requests. Insufficient data validation allows attackers to send crafted requests to alter sensitive Windows registry keys. This enables them to manipulate configuration file paths, directing the system to attacker-controlled locations. Upon a service restart, the system may execute malicious files, granting attackers remote code execution capabilities. Exploitation is unauthenticated and network-accessible, significantly elevating risk. Discovered by Tenable last August, the flaw was addressed by Progress Software in its version 24.0.1 update, which was released in September. The company urged administrators to update affected deployments immediately. The urgency is heightened by prior public exploits targeting WhatsUp Gold, including critical remote code execution and SQL injection vulnerabilities, which attackers have used to compromise networks and gain administrator access.
Vulnerability Management, Patch/Configuration Management, Application security

Exploit published for critical Progress WhatsUp Gold flaw

Adobe Stock

Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



