Address: Rue de la Loi 107, 1000 Brussels, BE Tel: +32 2 295 2100

Security Advisory 2024-105

Release Date:

Multiple Vulnerabilities in WhatsUp Gold

Download

History:

  • 27/09/2024 --- v1.0 -- Initial publication

Summary

On September 24, 2024, the WhatsUp Gold team released a security advisory addressing six vulnerabilities of various severities, the most critical reaching the score of 9.8 out of 10 [1].

Technical Details

No technical details have been release at this time, but the following vulnerabilities have been listed by the WhatsUp Gold team in their security bulletin [1]:

  • CVE-2024-46905: CVSS 8.8/10 (reported by Sina Kheirkhah)
  • CVE-2024-46906: CVSS 8.8/10 (reported by Sina Kheirkhah)
  • CVE-2024-46907: CVSS 8.8/10 (reported by Sina Kheirkhah)
  • CVE-2024-46908: CVSS 8.8/10 (reported by Sina Kheirkhah)
  • CVE-2024-46909: CVSS 9.8/10 (reported by Andy Niu)
  • CVE-2024-8785: CVSS 9.8/10 (reported by Tenable)

Affected Products

All WhatsUp Gold versions below 24.0.1.

Recommendations

CERT-EU strongly recommends updating affected devices as soon as possible [1].

References

[1] https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.