CVE-2006-2531

Ipswitch WhatsUp Professional 2006 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2531. PoCs published by Kenneth F. Belva.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Ipswitch WhatsUp Professional 2006 by sending HTTP requests with specific headers (User-Agent: Ipswitch/1.0 and User-Application: NmConsole) to gain administrative access to the web interface.

Description

Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole".

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kenneth F. Belva · textremotehardware

https://www.exploit-db.com/exploits/27891

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in Ipswitch WhatsUp Professional 2006 by sending HTTP requests with specific headers (User-Agent: Ipswitch/1.0 and User-Application: NmConsole) to gain administrative access to the web interface.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Ipswitch WhatsUp Professional 2006

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK