In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory .
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-06-25T20:27:11.395Z
Updated: 2024-06-26T17:46:16.699Z
Reserved: 2024-05-16T15:59:56.888Z
Link: CVE-2024-5018
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T21:16:01.543
Modified: 2024-06-26T12:44:29.693
Link: CVE-2024-5018
JSON object: View
Redhat Information
No data.
CWE