VYPR
Unrated severityNVD Advisory· Published Dec 2, 2024· Updated Dec 2, 2024

WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability

CVE-2024-46905

Description

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.