Advisory

August 28, 2024 Advisory: Progress WhatsUp Gold GetFileWithoutZip Unauthenticated RCE [CVE-2024-4885]

Date of Disclosure: June 25, 2024

CVE-ID and CVSS Score: CVE-2024-4885: CVSS 9.8

Issue Name and Description: Progress WhatsUp Gold Unauthenticated Remote Code Execution Vulnerability

Asset Description: Progress Software WhatsUp Gold is an enterprise-grade network monitoring and management solution used by organizations worldwide to monitor the health and performance of their IT infrastructure. It provides comprehensive visibility into network devices, servers, applications, and traffic.

Vulnerability Impact: An unauthenticated attacker can exploit this vulnerability to execute arbitrary code on affected WhatsUp Gold instances by writing malicious files to locations of their choosing on the server. Because no credentials are required, successful exploitation can lead to complete compromise of the host, theft of the data it holds, and unauthorized access to sensitive information about the monitored environment.

Exploitation Details: The vulnerability lies in the GetFileWithoutZip functionality of WhatsUp Gold, which writes request-supplied file content to disk without adequately validating the supplied path. An unauthenticated attacker can send a crafted request whose file name contains directory traversal sequences (such as ..\) so that the file is written outside the intended directory, to an arbitrary location on the server. Writing a malicious file to a location the application will execute, such as the web root, yields remote code execution.
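The following is an added illustration of the bug class described above (a request-supplied file name joined onto a base directory without containment checks), written for this page and not taken from WhatsUp Gold's code or any published PoC. The base directory, the file names and the web-root path are hypothetical; paths are handled as POSIX strings with backslashes folded to slashes so the example behaves identically on any platform and never touches the filesystem.

```python
import posixpath

# Added illustration of the bug class behind CVE-2024-4885, not WhatsUp Gold's
# own code. Backslashes are folded to slashes (the real target is a Windows/IIS
# host, where "..\" works as a traversal sequence) and everything is pure
# string handling, so the example runs the same on any platform.

EXPORT_DIR = "/whatsup/Data/Export"   # hypothetical base directory the endpoint is meant to write under


def _normalize(path: str) -> str:
    """Fold Windows separators so a backslash-separated name is handled like a slash-separated one."""
    return path.replace("\\", "/")


def unsafe_target(base_dir: str, filename: str) -> str:
    """Vulnerable pattern: the request-supplied name is joined onto base_dir as-is.

    ".." segments are honoured by normpath and walk out of base_dir, and an
    absolute name discards base_dir entirely.
    """
    return posixpath.normpath(posixpath.join(_normalize(base_dir), _normalize(filename)))


def safe_target(base_dir: str, filename: str):
    """Hardened form: accept a bare file name only, then verify that the
    normalized result still lies under base_dir. Returns None on rejection."""
    name = _normalize(filename)
    if not name or "/" in name or name in (".", ".."):
        return None                       # any directory component is refused outright
    base = posixpath.normpath(_normalize(base_dir))
    target = posixpath.normpath(posixpath.join(base, name))
    # Defence in depth: even a name that passed the checks above must resolve inside base.
    if posixpath.commonpath([base, target]) != base:
        return None
    return target


def compare(filename: str) -> dict:
    """Show where a given request-supplied name would land under each implementation."""
    return {
        "filename": filename,
        "unsafe": unsafe_target(EXPORT_DIR, filename),
        "safe": safe_target(EXPORT_DIR, filename),
    }


if __name__ == "__main__":
    # Constructed request inputs: a legitimate export name, a traversal payload
    # aimed at a hypothetical web root, and an absolute path.
    for name in ("report.csv", "..\\..\\..\\inetpub\\wwwroot\\demo.aspx", "/inetpub/wwwroot/demo.aspx"):
        print(compare(name))
```

With the vulnerable join, the traversal payload resolves to /inetpub/wwwroot/demo.aspx and the absolute name replaces the base directory outright; the hardened version rejects both and accepts only a bare file name that normalizes to a location under the base directory. In a real handler the check must run on the decoded value the application actually writes with, after any URL decoding, so that encoded traversal sequences cannot slip past it.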

Several proof-of-concept exploits are publicly available on GitHub, so exploitation attempts against exposed instances should be expected.

Patch Availability: Progress Software has fixed this vulnerability in WhatsUp Gold version 2023.1.3; all earlier releases should be considered affected. Users should update to 2023.1.3 or later immediately. Where an immediate update is not possible, the WhatsUp Gold web interface should not be reachable from the internet, since the flaw requires no authentication.

Censys Perspective:

At the time of writing, Censys observes 1,207 exposed WhatsUp Gold instances online.

To identify potentially vulnerable Progress WhatsUp Gold instances, the following Censys queries can be used. Note that these queries match on the product fingerprint rather than on a version, and not all instances advertise their version, so the results include patched and unversioned hosts that need to be confirmed individually:

  • Censys Search Query: services.software: (vendor: "Progress" and product: "WhatsUp Gold")
  • Censys ASM query: host.services.software: (vendor: "Progress" and product: "WhatsUp Gold") or web_entity.instances.software: (vendor: "Progress" and product: "WhatsUp Gold")
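The queries above return every host fingerprinted as WhatsUp Gold, versioned or not, so the next step is to sort the results by advertised version against the fixed release. The following triage helper is an added example written for this page, not Censys tooling; the record layout it consumes (services[].software[] entries carrying vendor, product and version) is a simplified construction, and the sample hosts use RFC 5737 documentation addresses. A real run would feed it records fetched from the Censys Search API (for instance via the Censys Python SDK) instead of the embedded sample.

```python
# Added triage helper, not Censys's own tooling: it buckets host records of the
# kind the queries above return by whether the advertised WhatsUp Gold version
# predates the fixed release. The record layout (services[].software[] with
# vendor/product/version) is a simplified construction for this example.

FIXED_VERSION = (2023, 1, 3)   # first release containing the fix for CVE-2024-4885


def parse_version(version):
    """Turn "2023.1.2" into (2023, 1, 2); return None for missing or non-numeric strings."""
    try:
        return tuple(int(part) for part in version.strip().split("."))
    except (AttributeError, ValueError):
        return None


def whatsup_versions(host):
    """Yield the version string (possibly None) of every WhatsUp Gold software entry on a host."""
    for service in host.get("services", []):
        for software in service.get("software", []):
            if software.get("vendor") == "Progress" and software.get("product") == "WhatsUp Gold":
                yield software.get("version")


def triage(hosts, fixed=FIXED_VERSION):
    """Split hosts into likely_vulnerable / patched / version_unknown / not_whatsup by IP.

    Tuple comparison means "2023.1" (no patch level advertised) sorts below
    (2023, 1, 3) and is treated as likely vulnerable, which is the conservative call.
    """
    buckets = {"likely_vulnerable": [], "patched": [], "version_unknown": [], "not_whatsup": []}
    for host in hosts:
        parsed = [parse_version(v) for v in whatsup_versions(host)]
        if not parsed:
            buckets["not_whatsup"].append(host["ip"])
            continue
        known = [p for p in parsed if p is not None]
        if not known:
            buckets["version_unknown"].append(host["ip"])
        elif min(known) < fixed:
            buckets["likely_vulnerable"].append(host["ip"])
        else:
            buckets["patched"].append(host["ip"])
    return buckets


# Constructed sample results using documentation address space (RFC 5737).
SAMPLE_HOSTS = [
    {"ip": "192.0.2.10", "services": [{"port": 443, "software": [
        {"vendor": "Progress", "product": "WhatsUp Gold", "version": "2023.1.2"}]}]},
    {"ip": "192.0.2.11", "services": [{"port": 443, "software": [
        {"vendor": "Progress", "product": "WhatsUp Gold", "version": "2023.1.3"}]}]},
    {"ip": "192.0.2.12", "services": [{"port": 8443, "software": [
        {"vendor": "Progress", "product": "WhatsUp Gold"}]}]},          # no version advertised
    {"ip": "198.51.100.5", "services": [{"port": 80, "software": [
        {"vendor": "Apache", "product": "HTTP Server", "version": "2.4.58"}]}]},
]


if __name__ == "__main__":
    for bucket, ips in triage(SAMPLE_HOSTS).items():
        print(f"{bucket}: {ips}")
```

The version_unknown bucket is the one that needs manual follow-up: an instance that does not advertise its version cannot be cleared by fingerprint alone and should be checked from the product's own version information before it is marked patched.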

References:
