Main Vulnerability Database Exploits ID:10332 - Exploit for Improper access control in WhatsUp Gold - CVE-2024-5009

ID:10332 - Exploit for Improper access control in WhatsUp Gold - CVE-2024-5009

Published: August 9, 2024

Vulnerability identifier: #VU95446

Vulnerability risk: Low

CVE-ID: CVE-2024-5009

CWE-ID: CWE-284

Exploitation vector: Local access

Vulnerable software:
WhatsUp Gold

Link to public exploit:

https://github.com/th3gokul/CVE-2024-5009

Vulnerability description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions within the implementation of SetAdminPassword method. A local attacker can bypass implemented security restrictions and modify admin's password.

Remediation

Install updates from vendor's website.

ID:10332 - Exploit for Improper access control in WhatsUp Gold - CVE-2024-5009

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human