ET WEB_SPECIFIC_APPS Progress WhatsUp Gold SetAdminPassword Privilege Escalation (CVE-2024-5009)

SID: 2055951Rev: 110 views

Sourceet/open

CreatedSeptember 18, 2024

UpdatedSeptember 18, 2024

Classificationweb-application-activity

alert http any any -> $HOME_NET 9642 (msg:"ET WEB_SPECIFIC_APPS Progress WhatsUp Gold SetAdminPassword Privilege Escalation (CVE-2024-5009)"; flow:established, to_server; http.method; content:"POST"; http.uri; content:"/NmConsole/Wug/Install/SetAdminPassword"; fast_pattern; http.request_body; content:"|22|ConfirmPassword|22|"; reference:url,summoning.team/blog/progress-whatsup-gold-privesc-setadminpassword-cve-2024-5009/; reference:cve,2024-5009; classtype:web-application-activity; sid:2055951; rev:1; metadata:affected_product WhatsUp_Gold, attack_target Server, tls_state plaintext, created_at 2024_09_18, cve CVE_2024_5009, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Exploit, updated_at 2024_09_18, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)

References

url	summoning.team/blog/progress-whatsup-gold-privesc-setadminpassword-cve-2024-5009/
cve	2024-5009

Metadata

affected productWhatsUp_Gold

attack targetServer

tls stateplaintext

created at2024_09_18

cveCVE-2024-5009

deploymentInternal

confidenceHigh

signature severityMajor

tagExploit

updated at2024_09_18

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!