CVE-2025-2572

Name of the Vulnerable Software and Affected Versions WhatsUp Gold versions prior to 2024.0.3

Description A database manipulation issue allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup. This enables attackers to tamper with the database without authentication.

Recommendations For versions prior to 2024.0.3, update to version 2024.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the NmConfigurationManager.exe to minimize the risk of exploitation. Avoid using the WhatsUp.dbo.WrlsMacAddressGroup until the issue is resolved.