CVE-2018-8939

An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:14

Type Values Removed Values Added
References () https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm - Release Notes, Vendor Advisory () https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm - Release Notes, Vendor Advisory

27 Aug 2024, 17:48

Type Values Removed Values Added
First Time Progress
Progress whatsup Gold
CPE cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:* cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

Information

Published : 2018-05-01 16:29

Updated : 2024-11-21 04:14


NVD link : CVE-2018-8939

Mitre link : CVE-2018-8939

CVE.ORG link : CVE-2018-8939


JSON object : View

Products Affected

progress

  • whatsup_gold
CWE
CWE-918

Server-Side Request Forgery (SSRF)