CVE-2018-8938

A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:14

Type Values Removed Values Added
References () https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm - Release Notes, Vendor Advisory () https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm - Release Notes, Vendor Advisory

27 Aug 2024, 17:48

Type Values Removed Values Added
First Time Progress
Progress whatsup Gold
CPE cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:* cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

Information

Published : 2018-05-01 16:29

Updated : 2024-11-21 04:14


NVD link : CVE-2018-8938

Mitre link : CVE-2018-8938

CVE.ORG link : CVE-2018-8938


JSON object : View

Products Affected

progress

  • whatsup_gold
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')