← Zuruck zu CVEs
CVE-2018-9276
HIGHCISA KEV7.2
Beschreibung
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.
CVE Details
CVSS v3.1 Bewertung7.2
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht7/2/2018
Zuletzt geandert11/6/2025
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerPaessler
ProduktPRTG Network Monitor
SchwachstellennamePaessler PRTG Network Monitor OS Command Injection Vulnerability
KEV Aufnahmedatum2025-02-04
Behebungsfrist2025-02-25
Ransomware-NutzungUnknown
Betroffene Produkte
paessler:prtg_network_monitor
Schwachen (CWE)
CWE-78CWE-78
Referenzen
http://packetstormsecurity.com/files/161183/PRTG-Network-Monitor-Remote-Code-Execution.html(cve@mitre.org)
http://www.securityfocus.com/archive/1/542103/100/0/threaded(cve@mitre.org)
https://www.exploit-db.com/exploits/46527/(cve@mitre.org)
http://packetstormsecurity.com/files/148334/PRTG-Command-Injection.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/161183/PRTG-Network-Monitor-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/542103/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/46527/(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-9276(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.