An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors.
References
Link | Resource |
---|---|
https://docs.ipswitch.com/NM/WhatsUpGold2017Plus/01_ReleaseNotes/17PlusSP1/#link4 | Release Notes Vendor Advisory |
Configurations
Information
Published : 2018-01-24 07:29
Updated : 2018-02-09 10:08
NVD link : CVE-2018-5778
Mitre link : CVE-2018-5778
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
ipswitch
- whatsup_gold