Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a privileged application programming interface (API) that may allow attackers to overwrite the Windows Registry. The API endpoint in question – NmAPI.exe – can be exploited by unauthenticated, remote attackers to change an existing registry value or … More

The post PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) appeared first on Help Net Security.