Saturday, September 7, 2024
HomeCVE/vulnerabilityProgress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands

Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands

Published on

The Progress WhatsUp Gold team confirmed the existence of critical vulnerabilities in all versions of their software released before 2024.0.0.

If exploited, these vulnerabilities could allow attackers to inject SQL commands, posing significant security risks to users.

Although there have been no reports of these vulnerabilities being exploited in the wild, the company is urging all customers to upgrade to the latest version immediately.

- Advertisement - EHA

CVE-2024-6670 (WUG-16138) – CVSS Score: 9.8

One of the most severe vulnerabilities, CVE-2024-6670, affects WhatsUp Gold versions released before 2024.0.0.

This SQL Injection vulnerability can be exploited if the application is configured with only one user.

An unauthenticated attacker could retrieve the user’s encrypted password, leading to unauthorized access.

The vulnerability was discovered by Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), which collaborates with the Trend Micro Zero Day Initiative. The high CVSS score of 9.8 reflects its critical nature.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN -14-day free trial

CVE-2024-6671 (WUG-16139) – CVSS Score: 9.8

Similar to CVE-2024-6670, CVE-2024-6671 also involves a SQL Injection vulnerability in WhatsUp Gold versions before 2024.0.0.

This flaw allows an unauthenticated attacker to retrieve the user’s encrypted password when the application is configured with a single user.

Again, Sina Kheirkhah and the Summoning Team were credited with this vulnerability, highlighting the ongoing collaboration with security researchers to identify and mitigate potential risks.

CVE-2024-6672 (WUG-16142) – CVSS Score: 8.8

CVE-2024-6672 presents a slightly different threat. In this case, an authenticated low-privileged attacker could exploit a SQL Injection vulnerability to achieve privilege escalation by modifying a privileged user’s password.

While slightly less critical than the previous two, this vulnerability still poses a significant risk to system integrity and security.

The discovery of this vulnerability also comes from the efforts of Sina Kheirkhah and the Summoning Team, emphasizing the importance of external security research in maintaining software security.

Urgent Call to Action

Progress strongly encourages all WhatsUp Gold customers running versions older than 2024.0.0 to upgrade their systems immediately.

The upgrade process is straightforward, typically taking 30 minutes or less, and is available free of charge to customers with an active service agreement.

Progress offers support through its Customer Support and Professional Services teams. Customers with an active service agreement or subscription can contact Progress Technical Support.

Those without an active agreement are advised to contact Progress Sales to reinstate their license.

Progress is paramountly concerned about the security of WhatsUp Gold users. The company has taken swift action to address these vulnerabilities and proactively notifies customers to mitigate potential risks.

By upgrading to the latest version, users can ensure their systems remain secure against these identified threats.

Protect Your Business with Cynet Managed All-in-One Cybersecurity Platform – Try Free Trial

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...