CVE & Exploit Intelligence Database

Updated 6h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,146 CVEs tracked | 53,227 with exploits | 4,688 exploited in wild | 1,539 CISA KEV | 3,914 Nuclei templates | 37,757 vendors | 42,434 researchers

34 results
CVE-2024-6670 | CVSS 9.8 CRITICAL | KEV | RANSOMWARE | 2 PoCs | Nuclei template | EPSS 0.94
WhatsUp Gold SQL Injection (CVE-2024-6670)
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the user's encrypted password.
CWE-89 Aug 29, 2024
CVE-2024-5009 | CVSS 8.4 HIGH | 2 PoCs | EPSS 0.36
Progress Whatsup Gold < 23.1.3 - Improper Privilege Management
In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify the admin's password.
CWE-269 Jun 25, 2024
CVE-2024-4885 | CVSS 9.8 CRITICAL | KEV | 1 PoC | Nuclei template | EPSS 0.94
Progress Whatsup Gold < 23.1.3 - Path Traversal
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability exists in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip method allows execution of commands with iisapppool\nmconsole privileges.
CWE-22 Jun 25, 2024
CVE-2024-4883 | CVSS 9.8 CRITICAL | 1 PoC | EPSS 0.91
Progress Whatsup Gold < 23.1.3 - Command Injection
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve RCE as a service account through NmApi.exe.
CWE-78 Jun 25, 2024
CVE-2024-5806 | CVSS 9.1 CRITICAL | EXPLOITED | 3 PoCs | EPSS 0.90
Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass. This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.
CWE-287 Jun 25, 2024
CVE-2023-27636 | CVSS 5.4 MEDIUM | 1 PoC | EPSS 0.00
Progress Sitefinity < 15.0.0 - XSS
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
CWE-79 Jun 16, 2024
CVE-2024-2389 | CVSS 10.0 CRITICAL | EXPLOITED | 3 PoCs | Nuclei template | EPSS 0.94
Progress Kemp Flowmon - Command Injection
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
CWE-78 Apr 02, 2024
CVE-2024-1800 | CVSS 9.9 CRITICAL | 3 PoCs | EPSS 0.76
Progress Telerik Report Server - Insecure Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
CWE-502 Mar 20, 2024
CVE-2024-1403 | CVSS 10.0 CRITICAL | 1 PoC | EPSS 0.17
Progress Openedge < 11.7.19 - Authentication Bypass
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The bypass stems from a failure to properly handle the username and password: certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.
CWE-305 Feb 27, 2024
CVE-2024-1212 | CVSS 10.0 CRITICAL | KEV | 7 PoCs | Nuclei template | EPSS 0.94
Progress Loadmaster < 7.2.48.10 - OS Command Injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
CWE-78 Feb 21, 2024
CVE-2023-6595 | CVSS 7.5 HIGH | 1 PoC | EPSS 0.00
WhatsUp Gold <2023.1 - Info Disclosure
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.
CWE-306 Dec 14, 2023
CVE-2023-40044 | CVSS 10.0 CRITICAL | KEV | RANSOMWARE | 2 PoCs | Nuclei template | EPSS 0.94
Progress WS FTP Server < 8.7.4 - Insecure Deserialization
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
CWE-502 Sep 27, 2023
CVE-2023-34362 | CVSS 9.8 CRITICAL | KEV | RANSOMWARE | 14 PoCs | Nuclei template | EPSS 0.94
MOVEit SQL Injection vulnerability
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this was exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019.x) before the five explicitly mentioned versions are affected, including older unsupported versions.
CWE-89 Jun 02, 2023
CVE-2022-27665 | CVSS 6.1 MEDIUM | 1 PoC | EPSS 0.01
Progress WS FTP Server - XSS
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.
CWE-79 Apr 03, 2023
CVE-2021-41318 | CVSS 6.1 MEDIUM | 1 PoC | EPSS 0.00
Progress Whatsupgold < 21.1.0 - XSS
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
CWE-79 Sep 28, 2021
CVE-2020-28647 | CVSS 5.4 MEDIUM | 1 PoC | EPSS 0.00
Progress Moveit Transfer < 2020.1 - XSS
In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS).
CWE-79 Nov 17, 2020
CVE-2017-18639 | CVSS 6.1 MEDIUM | 1 PoC | EPSS 0.00
Progress Sitefinity CMS <10.1 - XSS
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title.
CWE-79 Nov 06, 2019
CVE-2017-9248 | CVSS 9.8 CRITICAL | KEV | 10 PoCs | EPSS 0.88
Telerik UI <R2 2017 SP1-10.0.6412.0 - MachineKey Leak
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
CWE-522 Jul 03, 2017
CVE-2015-8261 | CVSS 9.8 CRITICAL | 1 PoC | EPSS 0.04
Ipswitch WhatsUp Gold <16.4 - SQL Injection
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.
CWE-89 Jan 08, 2016
CVE-2014-8555 | 1 PoC | EPSS 0.04
Progress Openedge - Path Traversal
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.
CWE-22 Nov 12, 2014