CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-6670

CVSS 9.8v3.1pub. 2024-08-29upd. 2025-10-31

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.

🤖 AI Analysis
How it works

An attacker without any authentication can send a specially crafted request containing malicious SQL code to the WhatsUp Gold application. The vulnerability results from insufficient validation and sanitization of input data before its use in database queries (CWE-89). As a result, the application executes unintended SQL queries, returning encrypted user account passwords stored in the database to the attacker.

Impact

An attacker can download encrypted passwords of all system users, which may subsequently lead to their compromise and account takeover, resulting in complete control over the network monitoring system.

Mitigation & patch

Progress WhatsUp Gold must be immediately updated to version 2024.0.0 or later. Detailed information is available in the vendor's security bulletin published in August 2024 at: https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024

Who is affected

Progress WhatsUp Gold in all versions released before 2024.0.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Progress Whatsup Gold

    APP
    Progress
    < 24.0

CISA KEV — detailsi

Vendori
Progress
Producti
WhatsUp Gold
Added to KEVi
September 16, 2024
Remediation deadline (US Federal)i
October 7, 2024(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 7 października 2024
Tags
SQLiAuth Bypass
CWE
References

Related vulnerabilities

CVE-2024-4885CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Progress WhatsUp Gold – nieuwierzytelniony RCE przez path traversal

CVE-2024-12106CRITICAL9.4PL ✓ten sam produkt

Progress WhatsUp Gold — nieautoryzowana konfiguracja ustawień LDAP

CVE-2024-12108CRITICAL9.6PL ✓ten sam produkt

Progress WhatsUp Gold — nieautoryzowany dostęp do serwera przez publiczne API

CVE-2024-46909CRITICAL9.8PL ✓ten sam produkt

Zdalne wykonanie kodu w Progress WhatsUp Gold (RCE bez uwierzytelnienia)

CVE-2024-8785CRITICAL9.8PL ✓ten sam produkt

Progress WhatsUp Gold – nieautoryzowana modyfikacja rejestru Windows przez NmAPI.exe