Description
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow attackers to execute arbitrary commands on the TFTP server via unspecified vectors.
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://docs.ipswitch.com/NM/WhatsUpGold2017Plus/01_ReleaseNotes/17PlusSP1/#link4
Scores
CVSS v3
9.8
EPSS
0.0009
EPSS Percentile
26.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
progress/whatsup_gold
< 17.1.1
Published
Jan 24, 2018
Tracked Since
Feb 18, 2026