Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability
Vulnerability Description
In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage for server and NmDistributed.DistributedClient.OnMessage for clients.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Progress Software WhatsUp Gold 安全漏洞
Vulnerability Description
Progress Software WhatsUp Gold是美国Progress Software公司的一款网络监控软件。用于监控整个网络基础设施以及应用程序、配置和网络流量。 Progress Software WhatsUp Gold 2023.1.3版本存在安全漏洞,该漏洞源于NmDistributed.DistributedServiceBehavior.OnMessage 、NmDistributed.DistributedClient.OnMessage 中存在安全问题,允许攻击者以 SYS
CVSS Information
N/A
Vulnerability Type
N/A