VYPR
Unrated severityNVD Advisory· Published May 14, 2024· Updated Aug 1, 2024

WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController

CVE-2024-4561

Description

In WhatsUp Gold versions released before 2023.1.2 ,

a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: < 2023.1.2
  • Progress Software Corporation/WhatsUp Goldv5
    Range: 2023.1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.