OS command injection in PRTG Network Monitor - CVE-2018-19204

 


Published: December 3, 2018


Vulnerability identifier: #VU16207
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Amber
CVE-ID: CVE-2018-19204
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Paessler AG
Affected software:
PRTG Network Monitor

Detailed vulnerability description

The vulnerability allows a remote high-privileged attacker to execute arbitrary shell commands on the target system.

The vulnerability exists because user input in the POST parameter 'proxyport_' is mishandled when creating an HTTP Advanced Sensor. A remote attacker can craft an HTTP request that overrides the 'writeresult' command-line parameter for HttpAdvancedSensor.exe, store arbitrary data in an arbitrary place on the file system to create an executable file in the Custom Sensors\EXE directory, and execute it by creating an EXE/Script Sensor.
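The following is an added example, not Paessler's code and not part of the original advisory: a strict check that flags any 'proxyport_' value in a form-encoded POST body that is not a plain port number, usable when reviewing captured requests. The body layout, the helper names and the sample requests are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl

# Assumption: the field arrives form-encoded under the name the advisory gives;
# an empty value is treated as "no proxy configured".
FIELD = "proxyport_"
_PORT_RE = re.compile(r"[0-9]{1,5}")  # ASCII digits only


def port_problem(value):
    """Return None if value is an acceptable port string, else a reason."""
    if value == "":
        return None
    # fullmatch on ASCII digits rejects spaces, quotes, dashes, newlines and
    # the Unicode digits or padding that int() alone would accept.
    if not _PORT_RE.fullmatch(value):
        return "not a plain decimal number"
    if not 1 <= int(value) <= 65535:
        return "outside 1-65535"
    return None


def audit_post_body(body):
    """Return [(value, reason)] for each suspicious proxyport_ field in body."""
    findings = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name == FIELD:
            reason = port_problem(value)
            if reason:
                findings.append((value, reason))
    return findings


# Constructed sample bodies (not taken from real traffic).
SAMPLES = [
    "other=1&proxyport_=8080",                        # normal
    "other=1&proxyport_=",                            # no proxy
    "other=1&proxyport_=8080%20EXTRA-ARGUMENT",       # text after the number
    "other=1&proxyport_=70000",                       # out of range
    "proxyport_=8080&proxyport_=%EF%BC%98%EF%BC%90",  # repeated field, fullwidth digits
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit_post_body(sample) or "ok")
```
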


How to mitigate CVE-2018-19204

Update to version 18.3.44.2054.
