Unrated severityCISA KEVNVD Advisory· Published Jun 25, 2024· Updated Oct 21, 2025
WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability
CVE-2024-4885
Description
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The
WhatsUp.ExportUtilities.Export.GetFileWithoutZip
allows execution of commands with iisapppool\nmconsole privileges.
Affected products
1- Progress Software Corporation/WhatsUp Goldv5Range: 2023.1.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024mitrevendor-advisory
- www.progress.com/network-monitoringmitreproduct
News mentions
0No linked articles in our index yet.