- Description
- In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
- Source
- security@progress.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
- security@progress.com
- CWE-648
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
Exploit Code Available: Critical Flaw Found in WhatsUp Gold- CVE-2024-8785 (CVSS 9.8) https://t.co/wINeHOndqi
@Dinosn
5 Dec 2024
2500 Impressions
6 Retweets
19 Likes
8 Bookmarks
0 Replies
0 Quotes
POC Exploit released for WhatsUp Gold CVE-2024-8785 #Progress #WhatsUpgold #CVE-2024-8785 https://t.co/b97SGIdRa5
@pravin_karthik
5 Dec 2024
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A proof-of-concept (PoC) exploit for a critical remote code execution flaw in Progress WhatsUp Gold has been published, its critical to install the latest security updates as soon as possible. The flaw is tracked as CVE-2024-8785 (CVSS v3.1 score: 9.8). https://t.co/Q7CmCFnXHE ht
@riskigy
4 Dec 2024
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024-8785) – Update Immediately! 🛡️ WIRE TOR - The Ethical Hacking Services A new exploit has been released for critical remote code execution (RCE) vulnerability in WhatsUp Gold, putting many systems. #cybersecurity https://
@WireTor
4 Dec 2024
40 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Warning: Critical CVE-2024-8785 (CVSS 9.8) in WhatsUp Gold versions before 2024.0.1 is being actively exploited. Attackers can overwrite the Windows Registry, leading to full machine takeover. Patch and advisory are available at: https://t.co/6KCC4eGW37 #patch #patch #patch
@CCBalert
4 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC exploit for critical #WhatsUp #Gold RCE vulnerability released (#CVE-2024-8785) https://t.co/9N714dvOjQ
@ScyScan
4 Dec 2024
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-8785 In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry… https://t.co/ZS5VvL2YbS
@CVEnew
2 Dec 2024
263 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-8785: CRITICAL] Potential cyber threat in older versions of WhatsUp Gold (<2024.0.1): Remote attackers may exploit NmAPI.exe to alter registry values without authentication.#cybersecurity,#vulnerability https://t.co/RXZRhijPOB https://t.co/KzVQZ06lhv
@CveFindCom
2 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07BDB617-53DC-4C9B-BE7B-79A393F1A9C2",
"versionEndExcluding": "24.0.1"
}
],
"operator": "OR"
}
]
}
]