CVE-2018-8938 in Ipswitch and Progress Products
Published on May 1, 2018
A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.
Products Associated with CVE-2018-8938
stack.watch emails you whenever new vulnerabilities are published in Ipswitch Whatsup Gold or Progress Whatsup Gold. Just hit a watch button to start following.
Exploit Probability
EPSS
0.20%
Percentile
42.37%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.