Known Vulnerabilities for products from Ipswitch
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ipswitch".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-29848 json | In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an AP... | 6.5 - MEDIUM | 2022-05-11 | 2022-05-20 |
| CVE-2022-29847 json | In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke... | 7.5 - HIGH | 2022-05-11 | 2022-05-20 |
| CVE-2022-29846 json | In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain t... | 5.3 - MEDIUM | 2022-05-11 | 2023-08-08 |
| CVE-2022-29845 json | In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an AP... | 6.5 - MEDIUM | 2022-05-11 | 2022-05-20 |
| CVE-2019-18465 json | In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in withou... | 9.8 - CRITICAL | 2019-10-31 | 2019-11-04 |
| CVE-2019-18464 json | In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3), 11.0 before 11.0.4 (2019.0.4), and 11.1 before 11.1.3 (2019.1.3), mu... | 9.8 - CRITICAL | 2019-10-31 | 2019-11-06 |
| CVE-2019-16383 json | MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows... | 9.4 - CRITICAL | 2019-09-24 | 2020-04-14 |
| CVE-2019-12146 json | A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attacker... | 9.1 - CRITICAL | 2019-06-11 | 2019-06-12 |
| CVE-2019-12145 json | A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attac... | 7.5 - HIGH | 2019-06-11 | 2019-06-12 |
| CVE-2019-12144 json | An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability ... | 9.8 - CRITICAL | 2019-06-11 | 2019-06-12 |
| CVE-2018-8939 json | An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially ... | 9.8 - CRITICAL | 2018-05-01 | 2018-06-13 |
| CVE-2018-8938 json | A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors c... | 9.8 - CRITICAL | 2018-05-01 | 2018-06-13 |
| CVE-2018-6545 json | Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability, as demonstrated by human.aspx. Attac... | 6.1 - MEDIUM | 2018-02-02 | 2018-02-14 |
| CVE-2018-5778 json | An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are pr... | 9.8 - CRITICAL | 2018-01-24 | 2018-02-09 |
| CVE-2018-5777 json | An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a miscon... | 9.8 - CRITICAL | 2018-01-24 | 2019-10-03 |
| CVE-2017-16513 json | Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, a... | 7.8 - HIGH | 2017-11-03 | 2017-11-27 |
| CVE-2017-12639 json | Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary ... | 9.8 - CRITICAL | 2017-10-03 | 2017-10-10 |
| CVE-2017-12638 json | Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary ... | 9.8 - CRITICAL | 2017-10-03 | 2017-10-10 |
| CVE-2017-6195 json | Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer... | 9.8 - CRITICAL | 2017-05-18 | 2017-05-26 |
| CVE-2016-1000000 json | Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection | 8.8 - HIGH | 2016-10-06 | 2017-11-03 |
Known software with vulnerabilities from Ipswitch
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ipswitch | Imail | 10 |
| Application | Ipswitch | Imail Client | 9.22 |
| Application | Ipswitch | Imail Express | 8.03 |
| Application | Ipswitch | Imail Plus | 2006 |
| Application | Ipswitch | Imail Premium | 2006 |
| Application | Ipswitch | Imail Secure Server | 2006 |
| Application | Ipswitch | Imail Server | 12.3 |
| Application | Ipswitch | Imserver | 2.0.5.30 |
| Application | Ipswitch | Instant Messaging | 2.0 |
| Application | Ipswitch | Ipswitch Collaboration Suite | 2.0 |
| Application | Ipswitch | Ipswitch Secure Server | 2006 |
| Application | Ipswitch | Moveit | 8.1 |
| Application | Ipswitch | Moveit Dmz | 8.1 |
| Application | Ipswitch | Moveit Mobile | 1.2.0.962 |
| Application | Ipswitch | Moveit Transfer | 10.2.0 |
| Application | Ipswitch | Whatsup | 2005 |
| Application | Ipswitch | Whatsup Gold | 11 |
| Application | Ipswitch | Wincom Lpd | 1.00.90 |
| Application | Ipswitch | Ws Ftp | 1.0.5 |
| Application | Ipswitch | Ws Ftp Server | 1.0.1 |