module
WhatsUp Gold SQL Injection (CVE-2024-6670)
| Disclosed |
|---|
| Aug 29, 2024 |
Disclosed
Aug 29, 2024
Description
This module exploits a SQL injection vulnerability in WhatsUp Gold, by changing the password of an existing user (such as of the default admin account)
to an attacker-controlled one.
WhatsUp Gold versions
to an attacker-controlled one.
WhatsUp Gold versions
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.