Platform
windows
Component
whatsup-gold
Fixed in
2024.0.1
CVE-2024-46909 is a critical Remote Code Execution (RCE) vulnerability discovered in WhatsUp Gold monitoring software. This flaw allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system, potentially leading to complete system takeover. The vulnerability impacts versions 2023.1.0 through 2024.0, and a patch is available in version 2024.0.1.
The impact of CVE-2024-46909 is severe. Successful exploitation allows an attacker to execute code with the privileges of the WhatsUp Gold service account. This could enable them to install malware, steal sensitive data, modify system configurations, or even pivot to other systems on the network. Given the monitoring nature of WhatsUp Gold, attackers could potentially gain access to network diagrams, server inventories, and other critical infrastructure information. The lack of authentication required for exploitation significantly broadens the attack surface, making it a high-priority risk.
CVE-2024-46909 was publicly disclosed on December 2, 2024. While no public proof-of-concept (PoC) code has been released as of this writing, the CRITICAL severity and ease of exploitation (unauthenticated remote access) suggest a high probability of exploitation. The vulnerability is not currently listed on CISA KEV, but its severity warrants close monitoring. Active campaigns targeting this vulnerability are possible.
Exploit Status
EPSS
28.84% (97% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-46909 is to immediately upgrade to WhatsUp Gold version 2024.0.1 or later. If upgrading is not immediately feasible, consider segmenting the WhatsUp Gold server from critical network resources to limit potential blast radius. While a direct workaround isn't available, implementing strict network access controls to restrict external access to the WhatsUp Gold server can reduce the attack surface. Monitor WhatsUp Gold logs for suspicious activity, particularly attempts to access or modify system files. After upgrading, confirm the vulnerability is resolved by attempting a test exploit (if safe to do so in a non-production environment) or verifying that the relevant code paths have been patched.
Update WhatsUp Gold to version 2024.0.1 or later. The update addresses the directory traversal and remote code execution vulnerability. See the Progress security bulletin for more details and upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-46909 is a critical Remote Code Execution vulnerability in WhatsUp Gold versions 2023.1.0–2024.0, allowing unauthenticated attackers to execute code.
If you are running WhatsUp Gold versions 2023.1.0 through 2024.0, you are affected by this vulnerability. Upgrade to 2024.0.1 or later.
Upgrade to WhatsUp Gold version 2024.0.1 or later to patch the vulnerability. Consider network segmentation as a temporary mitigation.
While no public exploits are currently available, the CRITICAL severity and ease of exploitation suggest a high probability of active exploitation.
Refer to the official WhatsUp Gold security advisory for detailed information and patch download links: [https://www.whatsupgold.com/security-advisories](https://www.whatsupgold.com/security-advisories)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.