CRITICAL · CVE-2024-46909 · CVSS 9.8

WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability

Platform

windows

Component

whatsup-gold

Fixed version

2024.0.1

AI Confidence: high · NVD · EPSS 28.8% · Reviewed: May 2026

CVE-2024-46909 is a critical remote code execution (RCE) vulnerability in Progress WhatsUp Gold network monitoring software. A directory traversal flaw in the WriteDataFile functionality lets a remote, unauthenticated attacker write outside the intended directory and execute arbitrary code on the server, which can lead to complete takeover of the monitoring host. Versions 2023.1.0 through 2024.0 are affected; the fix ships in version 2024.0.1.

Impact and Attack Scenarios

The impact of CVE-2024-46909 is severe. Successful exploitation lets an attacker execute code with the privileges of the WhatsUp Gold service account, and from there install malware, steal sensitive data, modify system configuration, or pivot to other systems on the network. Because WhatsUp Gold is a monitoring product, the server also holds network diagrams, server inventories, device credentials and other information about critical infrastructure that an attacker can harvest. No authentication is required, so every host that can reach the WhatsUp Gold web interface is a potential attacker, which makes this a high-priority risk.
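The bug class behind the description above, a directory traversal in a routine that writes client-named files, shown as a vulnerable function next to a hardened one. This is an added example written for this page, not WhatsUp Gold code and not the vendor's fix; the function names, the data/webroot directory layout, the allowed extensions and the `../webroot/shell.aspx` payload are assumptions made for the demo.

```python
"""Directory traversal in a file-write routine, the bug class named by
CVE-2024-46909, shown as a vulnerable/hardened pair. Added example, not
WhatsUp Gold code: the function names, the data/webroot layout, the allowed
extensions and the sample payload are assumptions made for the demo."""
import os
import tempfile
from pathlib import Path


class TraversalError(ValueError):
    """The client-supplied name would land outside the data directory."""


def write_data_file_vulnerable(data_dir: Path, name: str, content: bytes) -> Path:
    # Vulnerable: joins the untrusted name straight onto the data directory.
    # "../" segments (and, via os.path.join, an absolute path) escape data_dir,
    # so the caller can drop a file anywhere the service account may write,
    # e.g. a server-side script under the web root, which is how a write
    # primitive turns into code execution.
    target = Path(os.path.join(str(data_dir), name))
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(content)
    return target


ALLOWED_SUFFIXES = {".dat", ".txt", ".csv"}   # assumption: what a data-file writer needs


def write_data_file_hardened(data_dir: Path, name: str, content: bytes) -> Path:
    base = data_dir.resolve(strict=True)
    # Only a relative name is a valid input; absolute paths and drive letters
    # are rejected before any path arithmetic happens.
    if os.path.isabs(name) or os.path.splitdrive(name)[0]:
        raise TraversalError(f"absolute path rejected: {name!r}")
    # Canonicalise (collapses . and .., follows symlinks in existing parts),
    # then require base to be a proper ancestor of the result. A string-prefix
    # test is not enough: "/srv/data2/x" starts with "/srv/data" but is outside it.
    target = (base / name).resolve()
    if base not in target.parents:
        raise TraversalError(f"traversal rejected: {name!r}")
    if target.suffix.lower() not in ALLOWED_SUFFIXES:
        raise TraversalError(f"extension rejected: {target.suffix!r}")
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(content)
    return target


def demo() -> dict:
    """Run both writers against a constructed layout and report what happened."""
    root = Path(tempfile.mkdtemp(prefix="traversal-demo-"))
    data_dir, web_root = root / "data", root / "webroot"   # webroot stands in for the web app directory
    data_dir.mkdir()
    web_root.mkdir()
    payload = "../webroot/shell.aspx"          # one ".." is enough to leave data/
    marker = b"<%-- placeholder, not a real web shell --%>"
    results = {}

    landed = write_data_file_vulnerable(data_dir, payload, marker)
    results["vulnerable_escaped"] = landed.resolve().parent == web_root.resolve()

    try:
        write_data_file_hardened(data_dir, payload, marker)
        results["hardened_blocked"] = False
    except TraversalError:
        results["hardened_blocked"] = True

    try:
        write_data_file_hardened(data_dir, str(web_root / "shell.aspx"), marker)
        results["absolute_blocked"] = False
    except TraversalError:
        results["absolute_blocked"] = True

    legit = write_data_file_hardened(data_dir, "reports/daily.csv", b"host,status\n")
    results["hardened_legit"] = (legit.read_bytes() == b"host,status\n"
                                 and data_dir.resolve() in legit.parents)
    return results


if __name__ == "__main__":
    print(demo())
```

The hardened version does three things the vulnerable one skips: it refuses absolute input, it canonicalises before comparing and compares path components rather than string prefixes, and it restricts the extension so that even a name that stays inside the directory cannot create a server-executable file.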

Exploitation Status

CVE-2024-46909 was publicly disclosed on December 2, 2024. No public proof-of-concept (PoC) code had been released at the time of writing, but the CRITICAL severity and the low bar to exploitation (unauthenticated, reachable over the network) make exploitation likely. The vulnerability is not currently listed in CISA KEV; its severity and an EPSS score of 28.84% (97th percentile) warrant close monitoring, and active campaigns targeting it are possible.

Who Is at Risk

Organizations that rely heavily on WhatsUp Gold for network monitoring and performance management are particularly at risk. Environments with limited network segmentation, or with the WhatsUp Gold web interface exposed beyond the management network, are especially vulnerable. Multi-tenant or shared hosting environments in which several customers share one WhatsUp Gold instance also face increased risk, since a single compromise affects every tenant.

Detection Steps

Adjust the process and event-provider names below to match what is actually installed on your host.

• windows / host inventory:

Get-Process -Name "WhatsUpGoldService" | Select-Object -ExpandProperty Path  # confirm the service is running and locate its binary

• windows / event logs:

Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='WhatsUp Gold Service']]]" -MaxEvents 10  # recent Application-log events written by the service

• generic web:

curl -I https://<your_whatsupgold_server>/  # check whether the web interface answers from where you run this, and look for unexpected responses or exposed endpoints
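The host checks above tell you the product is present; they do not tell you whether anyone has tried the traversal. Detection logic for that, run over a constructed IIS-style access log excerpt, as an added example written for this page (not a WhatsUp Gold artefact): the `/NmConsole/WriteDataFile` request path, the `path` parameter, the assumption that the web interface is hosted on IIS, and every log line are made up for the demo, so substitute the paths and parameter names seen in your own environment.

```python
"""Detection logic for traversal attempts against a file-write endpoint, run
over a constructed IIS W3C log excerpt. Added example, not a WhatsUp Gold
artefact: the /NmConsole/WriteDataFile path, the 'path' parameter, the IIS
hosting assumption and the log lines are assumptions made for the demo."""
import posixpath
import re
from urllib.parse import unquote

# Constructed log excerpt in IIS W3C format (assumption: the web UI is hosted on
# IIS). Spaces inside fields are written as '+', as IIS does, so split() works.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2024-12-03 09:14:02 10.0.0.5 GET /NmConsole/Login.aspx - 443 - 10.0.0.77 Mozilla/5.0+(Windows+NT+10.0) 200
2024-12-03 09:14:09 10.0.0.5 POST /NmConsole/WriteDataFile path=..%2F..%2Fwebroot%2Fcmd.aspx 443 - 203.0.113.9 python-requests/2.32 200
2024-12-03 09:15:31 10.0.0.5 GET /NmConsole/Reports.aspx id=5 443 admin 10.0.0.77 Mozilla/5.0+(Windows+NT+10.0) 200
2024-12-03 09:16:40 10.0.0.5 POST /NmConsole/WriteDataFile path=..%252f..%252fwebroot%252fcmd.aspx 443 - 203.0.113.9 python-requests/2.32 200
2024-12-03 09:16:45 10.0.0.5 GET /NmConsole/cmd.aspx cmd=whoami 443 - 203.0.113.9 python-requests/2.32 200
"""

TRAVERSAL = re.compile(r"\.\.[\\/]")   # ../ or ..\ once the value has been decoded


def deep_unquote(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded ..%252f is caught as well."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_iis(text: str):
    """Yield one dict per record, keyed by the names in the #Fields: header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.startswith("#") or not line.strip():
            continue
        elif fields:
            parts = line.split()
            if len(parts) == len(fields):
                yield dict(zip(fields, parts))


def find_suspicious(text: str, endpoint_marker: str = "WriteDataFile") -> list:
    """Flag traversal sequences, unauthenticated hits on the file-write endpoint,
    and later requests for a file name that an earlier traversal write targeted."""
    findings = []
    dropped = set()   # basenames named as targets of traversal writes so far
    for rec in parse_iis(text):
        uri = deep_unquote(rec["cs-uri-stem"])
        query = "" if rec["cs-uri-query"] == "-" else deep_unquote(rec["cs-uri-query"])
        reasons = []
        if TRAVERSAL.search(uri) or TRAVERSAL.search(query):
            reasons.append("traversal sequence")
            name = posixpath.basename(query.replace("\\", "/"))
            if name:
                dropped.add(name.lower())
        if endpoint_marker.lower() in uri.lower() and rec["cs-username"] == "-":
            reasons.append("unauthenticated hit on file-write endpoint")
        if posixpath.basename(uri).lower() in dropped:
            reasons.append("request for file named in earlier traversal write")
        if reasons:
            findings.append({
                "time": rec["time"], "client": rec["c-ip"], "method": rec["cs-method"],
                "uri": rec["cs-uri-stem"], "query": rec["cs-uri-query"],
                "status": rec["sc-status"], "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit["time"], hit["client"], hit["method"], hit["uri"], hit["query"], hit["reasons"])
```

Two points carry over to real logs: decode more than once before matching, because a single `unquote` leaves `..%252f` looking harmless, and correlate the file name in a suspected write with later requests, since a 200 on a freshly named `.aspx` after a traversal attempt is the strongest signal on the page that the write succeeded.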

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit status

Proof of concept: unknown
CISA KEV: no
Internet exposure

EPSS

28.84% (97th percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical impact: total

CVSS Vector

CVSS 3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL)

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required for exploitation)
Privileges Required: None (authentication level needed for the attack)
User Interaction: None (whether the victim must do anything)
Scope: Unchanged (spillover beyond the vulnerable component)
Confidentiality: High (risk of sensitive data disclosure)
Integrity: High (risk of unauthorised data tampering)
Availability: High (risk of service disruption)

Source: nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?

Attack Vector
Network: exploitable remotely over the internet; no physical or local access required.
Attack Complexity
Low: no special conditions; exploitation is reliable.
Privileges Required
None: no authentication; exploitable without credentials.
User Interaction
None: an automated, silent attack; the victim does nothing.
Scope
Unchanged: impact is confined to the vulnerable component.
Confidentiality
High: total loss of confidentiality; all data can be read.
Integrity
High: arbitrary data can be written, modified or deleted.
Availability
High: a full crash or resource exhaustion; complete denial of service.

Affected Software

Component: whatsup-gold
Vendor: Progress Software Corporation
Affected range: 2023.1.0 – 2024.0 (all releases before 2024.0.1)
Fixed version: 2024.0.1

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigations and Workarounds

The primary mitigation for CVE-2024-46909 is to upgrade to WhatsUp Gold 2024.0.1 or later without delay. If upgrading is not immediately feasible, segment the WhatsUp Gold server from critical network resources to limit the blast radius. No vendor workaround is available, but because the flaw is reachable without authentication, strict network access controls that limit who can reach the WhatsUp Gold web interface directly reduce the attack surface. Monitor WhatsUp Gold and web server logs for suspicious activity, in particular requests carrying path-traversal sequences and files appearing unexpectedly under the application's directories. After upgrading, confirm that the installed version reports 2024.0.1 or later; any exploitation test belongs in a non-production environment, never against the live server.

How to Fix

Update WhatsUp Gold to version 2024.0.1 or later. This update fixes the directory traversal and remote code execution vulnerability. See the Progress security advisory for details and update instructions.


Frequently Asked Questions

What is CVE-2024-46909 — RCE in WhatsUp Gold?

CVE-2024-46909 is a critical remote code execution vulnerability in WhatsUp Gold versions 2023.1.0 through 2024.0. A directory traversal flaw in WriteDataFile lets unauthenticated remote attackers execute arbitrary code on the server.

Am I affected by CVE-2024-46909 in WhatsUp Gold?

If you are running WhatsUp Gold versions 2023.1.0 through 2024.0, you are affected. Upgrade to 2024.0.1 or later.

How do I fix CVE-2024-46909 in WhatsUp Gold?

Upgrade to WhatsUp Gold version 2024.0.1 or later to patch the vulnerability. Consider network segmentation as a temporary mitigation.

Is CVE-2024-46909 being actively exploited?

No public exploit was available at the time of writing and the CVE is not listed in CISA KEV, but the CRITICAL severity, unauthenticated network reach, and an EPSS score of 28.84% mean exploitation should be expected; patch promptly rather than waiting for confirmation.

Where can I find the official WhatsUp Gold advisory for CVE-2024-46909?

Refer to the official WhatsUp Gold security advisory for detailed information and patch download links: [https://www.whatsupgold.com/security-advisories](https://www.whatsupgold.com/security-advisories)
