Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure
Vulnerability Description
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML form.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Progress Software WhatsUp Gold 安全漏洞
Vulnerability Description
Progress Software WhatsUp Gold是美国Progress Software公司的一款网络监控软件。用于监控整个网络基础设施以及应用程序、配置和网络流量。 Progress Software WhatsUp Gold 2023.1.3版本存在安全漏洞,该漏洞源于GetASPReport 功能存在服务器端请求伪造漏洞,允许任何经过身份验证的用户从 HTML 表单中检索 ASP 报告。
CVSS Information
N/A
Vulnerability Type
N/A