Unrated severityNVD Advisory· Published May 22, 2006· Updated Jun 16, 2026
CVE-2006-2531
CVE-2006-2531
Description
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:ipswitch:whatsup:professional_2006:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.