EXECUTIVE SUMMARY:
A critical remote code execution vulnerability in Progress WhatsUp Gold, identified as CVE-2024-8785, has been disclosed. This flaw, present in NmAPI.exe, allows unauthenticated attackers to modify sensitive Windows registry keys, enabling them to redirect configuration file locations to attacker-controlled shares and execute arbitrary code upon service restarts. Exploitation requires no authentication and poses a significant risk due to the network accessibility of the NmAPI.exe service.
Applying the latest updates to WhatsUp Gold is essential to mitigate the vulnerability. Ensuring prompt action will reduce risks and maintain network security.
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-whatsup-gold-rce-flaw-patch-now/