Detections
Analytics

CVE-2022-42711

critical

Description

In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.

References

https://www.progress.com/network-monitoring

https://www.progress.com/

https://community.progress.com/s/article/Product-Alert-Bulletin-October-2022

Details

Source: Mitre, NVD

Published: 2022-10-12

Updated: 2025-05-15

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00144