Critical Vulnerabilities Found in WhatsUp Gold and Oracle WebLogic
/ 1 min read
🔓 Severe vulnerabilities discovered in WhatsUp Gold pose significant security risks. Three critical flaws in the network monitoring solution WhatsUp Gold, developed by Progress Software, could allow unauthorized access to servers and sensitive data manipulation. The most severe vulnerability, CVE-2024-12108, has a CVSS score of 9.6, enabling attackers to control servers via its public API. Nearly 110,000 instances of WhatsUp Gold are exposed, primarily in the U.S. Organizations are urged to upgrade to version 24.0.2 to mitigate these risks. Additionally, a Proof-of-Concept exploit for a high-severity vulnerability in Oracle WebLogic Server has been released, increasing the urgency for organizations to apply available patches to protect their systems.
