CVE-2004-0798

Ipswitch WhatsUp Gold <8.03.1 - RCE

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2004-0798. PoCs published by Metasploit, LoWNOISE, MC, including Metasploit module exploits/windows/http/ipswitch_wug_maincfgret.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in Ipswitch WhatsUp Gold 8.03 via a long 'instancename' parameter in the _maincfgret.cgi script, allowing arbitrary code execution. It uses a crafted HTTP POST request with authentication to trigger the vulnerability.

Description

Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16787

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in Ipswitch WhatsUp Gold 8.03 via a long 'instancename' parameter in the _maincfgret.cgi script, allowing arbitrary code execution. It uses a crafted HTTP POST request with authentication to trigger the vulnerability.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ipswitch WhatsUp Gold 8.03

Auth required

Prerequisites: Network access to the target · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by LoWNOISE · perlremotewindows

https://www.exploit-db.com/exploits/566

View Code ZIP pw:eip

This exploit targets a remote buffer overflow in IPSWITCH WhatsUp Gold 8.03 by overwriting the SEH pointer. It uses a bind shellcode to open a shell on port 28876.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IPSWITCH WhatsUp Gold 8.03

No auth needed

Prerequisites: Network access to the target · WhatsUp Gold 8.03 running on Windows 2000 SP4

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GREAT

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in Ipswitch WhatsUp Gold 8.03 via the _maincfgret.cgi script by sending a maliciously crafted POST request with an oversized 'instancename' parameter, leading to arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ipswitch WhatsUp Gold 8.03

Auth required

Prerequisites: Network access to the target · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources x_refsource_misc

http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/566/

Various Sources third-party-advisory x_refsource_idefense

http://www.idefense.com/application/poi/display?type=vulnerabilities

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17111

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11043

Scores

EPSS 0.6258

EPSS Percentile 99.1%

Details

Status published

Products (6)

progress/whatsup_gold 7.0

progress/whatsup_gold 7.03

progress/whatsup_gold 7.04

progress/whatsup_gold 8.0

progress/whatsup_gold 8.01

progress/whatsup_gold 8.03

Published Oct 20, 2004

Tracked Since Feb 18, 2026