In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges.
The vulnerability exists in the WhatsUp.ExportUtilities.Export.GetFileWithoutZip function, which does not properly validate file paths provided by users (CWE-22, path traversal). An attacker without any privileges can use a crafted network request to invoke this function and trigger arbitrary system commands. The commands are executed in the context of the iisapppool\nmconsole service account, giving the attacker a foothold on the server operating system.
An attacker can remotely execute arbitrary code on the server without authentication, leading to complete system compromise, data theft, and potential lateral movement within the internal network.
Progress WhatsUp Gold must be immediately updated to version 2023.1.3 or later. Detailed information is available in the vendor's security bulletin: https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024
Progress WhatsUp Gold in all versions released before 2023.1.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HProgress Whatsup Gold
APPProgress< 23.1.3
CISA KEV — detailsi
- Vendori
- Progress ↗
- Producti
- WhatsUp Gold
- Added to KEVi
- March 3, 2025
- Remediation deadline (US Federal)i
- March 24, 2025(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote code execution.
Related vulnerabilities
SQL Injection w Progress WhatsUp Gold — kradzież zaszyfrowanych haseł
Progress WhatsUp Gold — nieautoryzowana konfiguracja ustawień LDAP
Progress WhatsUp Gold — nieautoryzowany dostęp do serwera przez publiczne API
Zdalne wykonanie kodu w Progress WhatsUp Gold (RCE bez uwierzytelnienia)
Progress WhatsUp Gold – nieautoryzowana modyfikacja rejestru Windows przez NmAPI.exe