CRITICAL | CVE-2024-4884 | CVSS 9.8

CVE-2024-4884: RCE in WhatsUp Gold Network Monitoring

Platform: windows
Component: whatsup-gold
Fixed in: 2023.1.3

AI Confidence: high | NVD | EPSS 55.5% | Reviewed: May 2026

CVE-2024-4884 describes a critical Remote Code Execution (RCE) vulnerability discovered in WhatsUp Gold, a network monitoring and management platform. This flaw allows an unauthenticated attacker to execute arbitrary commands on the affected system, potentially leading to complete system compromise. The vulnerability impacts versions 2023.1.0 through 2023.1.2, and a patch is available in version 2023.1.3.

Impact and Attack Scenarios

The impact of CVE-2024-4884 is severe. Successful exploitation allows an attacker to execute commands with the iisapppool\nmconsole privileges. This grants them significant control over the system hosting WhatsUp Gold, potentially enabling them to install malware, steal sensitive data (network configurations, monitoring data, credentials), modify system settings, and even pivot to other systems within the network. Given WhatsUp Gold's role in network monitoring, an attacker could gain a comprehensive view of the network topology and identify other valuable targets. The lack of authentication required for exploitation significantly broadens the attack surface.

Exploitation Context

CVE-2024-4884 was publicly disclosed on June 25, 2024. The vulnerability is considered highly exploitable due to the lack of authentication and the availability of a relatively straightforward attack vector. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of widespread exploitation. The CVSS score of 9.8 indicates a critical severity and a high probability of exploitation. It has not yet been added to the CISA KEV catalog as of this writing.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: High

EPSS

55.49% (98th percentile)

CISA SSVC

Exploitation: none
Automatable: yes
Technical Impact: total

CVSS Vector

CVSS 3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, CRITICAL)

What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Component: whatsup-gold
Vendor: Progress Software Corporation
Affected range: 2023.1.0 – 2023.1.3
Fixed in: 2023.1.3

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2024-4884 is to immediately upgrade to WhatsUp Gold version 2023.1.3 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting network access to the WhatsUp Gold server, particularly from untrusted sources. Review firewall rules to ensure only necessary ports are open. Monitor system logs for suspicious activity related to the Apm.UI.Areas.APM.Controllers.CommunityController endpoint. While a WAF may offer some protection, it is not a substitute for patching.
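
One way to carry out the log-monitoring step above, as an added example that is not from the vendor advisory or this page: it scans IIS W3C logs for unauthenticated write requests that reach the Community controller. The URL segment pattern, the sample paths and the log lines are assumptions constructed for illustration; confirm the real route on your installation.

```python
import re

# Assumption: the controller named in the advisory is reached through a URL
# path segment "Community" (ASP.NET MVC convention); adjust for your install.
CONTROLLER_SEGMENT = re.compile(r"(^|/)community(/|$)", re.IGNORECASE)

# Constructed sample in IIS W3C extended format (not real traffic).
# Paths and the "Example" action name are placeholders.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2024-06-26 08:01:12 10.0.0.15 admin GET /NmConsole/Dashboard 200
2024-06-26 08:03:40 203.0.113.7 - POST /NmConsole/APM/Community/Example 200
2024-06-26 08:04:02 10.0.0.15 admin POST /NmConsole/APM/Community/Example 200
2024-06-26 08:05:19 203.0.113.7 - GET /NmConsole/Content/site.css 200
"""

def parse_w3c(text):
    """Yield one dict per request, using the #Fields directive for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt lines
                yield dict(zip(fields, values))

def suspicious_requests(text):
    """Return unauthenticated write requests that reach the Community controller."""
    hits = []
    for req in parse_w3c(text):
        if not CONTROLLER_SEGMENT.search(req.get("cs-uri-stem", "")):
            continue
        unauthenticated = req.get("cs-username", "-") == "-"
        writes = req.get("cs-method", "").upper() in {"POST", "PUT"}
        if unauthenticated and writes:
            hits.append(req)
    return hits

if __name__ == "__main__":
    for r in suspicious_requests(SAMPLE_LOG):
        print(r["date"], r["time"], r["c-ip"], r["cs-method"],
              r["cs-uri-stem"], r["sc-status"])
```

Because the parser takes its column names from the `#Fields:` directive, it works with whatever field set the site's logging is configured to write, provided `cs-username`, `cs-method` and `cs-uri-stem` are enabled.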

How to fix

Update WhatsUp Gold to version 2023.1.3 or later. This update fixes the remote code execution vulnerability by restricting unauthorized file uploads. See the Progress security bulletin for more details and upgrade instructions.

Frequently asked questions

What is CVE-2024-4884 — RCE in WhatsUp Gold?

CVE-2024-4884 is a critical Remote Code Execution vulnerability in WhatsUp Gold versions 2023.1.0–2023.1.2, allowing unauthenticated attackers to execute commands.

Am I affected by CVE-2024-4884 in WhatsUp Gold?

You are affected if you are running WhatsUp Gold versions 2023.1.0 through 2023.1.2. Immediately check your version and upgrade if necessary.

How do I fix CVE-2024-4884 in WhatsUp Gold?

Upgrade to WhatsUp Gold version 2023.1.3 or later to remediate the vulnerability. If immediate upgrade is not possible, implement temporary network restrictions.

Is CVE-2024-4884 being actively exploited?

While active exploitation is not yet confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of exploitation in the near future.

Where can I find the official WhatsUp Gold advisory for CVE-2024-4884?

Refer to the Progress WhatsUp Gold security advisory for detailed information and updates: [https://www.progress.com/security-advisories/psa-20240625-01](https://www.progress.com/security-advisories/psa-20240625-01)
