WEB Progress WhatsUp Gold GetSqlWhereClause SQL Injection -1 (CVE-2024-46906)

Rule ID

1236405

Severity

High

Description

This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability.

Impact

SQL injection

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2024-46906

ZDI-24-1684

T1190

T0819

T1505

Keywords

N/A

Date Created

2025/03/06

Last Updated

2025/04/08

This website uses cookies to ensure you get the best experience on our website.

Learn more