PT-2018-17140 · Ipswitch · Ipswitch Whatsup Gold
Vyacheslav Moskvin
·
Published
2018-01-24
·
Updated
2024-08-27
·
CVE-2018-5777
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 (17.1.1)
Description:
An issue was discovered that allows remote clients to take advantage of a misconfiguration in the TFTP server, potentially enabling attackers to execute arbitrary commands on the TFTP server via unspecified vectors.
Recommendations:
For Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 (17.1.1), update to version 2017 Plus SP1 (17.1.1) or later to resolve the issue. As a temporary workaround, consider restricting access to the TFTP server to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ipswitch Whatsup Gold