Security Advisory

CVE-2024-5018

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-25 20:27:11

Last updated 2024-08-01 20:55:10

Assigner ProgressSoftware

State PUBLISHED

Description

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory .

← Browse all CVEs View on cve.org ↗