A newly disclosed path traversal vulnerability (CVE-2024-4885) in Progress Software’s WhatsUp Gold network monitoring solution has raised alarms across the cybersecurity community.
Rated as critical, this flaw enables unauthenticated attackers to execute arbitrary code on affected systems by exploiting improper input validation in file path handling mechanisms.
https://gbhackers.com/progress-whatsup- ... erability/