CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19410

PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local File Inclusion attack, by including /api/addusers and executing it. By providing the 'id' and 'users' parameters, an unauthenticated attacker can create a user with read-write privileges (including administrator).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.834

EPSS Ranking 99.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

Proposed Action

Paessler PRTG Network Monitor contains a local file inclusion vulnerability that allows a remote, unauthenticated attacker to create users with read-write privileges (including administrator).

Ransomware Campaign

Unknown

References

Products affected by CVE-2018-19410

Paessler » Prtg Network Monitor » Version: N/A

cpe:2.3:a:paessler:prtg_network_monitor:-
Paessler » Prtg Network Monitor » Version: 12.2.1

cpe:2.3:a:paessler:prtg_network_monitor:12.2.1
Paessler » Prtg Network Monitor » Version: 12.2.2

cpe:2.3:a:paessler:prtg_network_monitor:12.2.2
Paessler » Prtg Network Monitor » Version: 12.3.1

cpe:2.3:a:paessler:prtg_network_monitor:12.3.1
Paessler » Prtg Network Monitor » Version: 12.3.3

cpe:2.3:a:paessler:prtg_network_monitor:12.3.3
Paessler » Prtg Network Monitor » Version: 12.3.4

cpe:2.3:a:paessler:prtg_network_monitor:12.3.4
Paessler » Prtg Network Monitor » Version: 12.4.4

cpe:2.3:a:paessler:prtg_network_monitor:12.4.4
Paessler » Prtg Network Monitor » Version: 12.4.5

cpe:2.3:a:paessler:prtg_network_monitor:12.4.5
Paessler » Prtg Network Monitor » Version: 12.4.6

cpe:2.3:a:paessler:prtg_network_monitor:12.4.6
Paessler » Prtg Network Monitor » Version: 12.4.7

cpe:2.3:a:paessler:prtg_network_monitor:12.4.7
Paessler » Prtg Network Monitor » Version: 13.1.1

cpe:2.3:a:paessler:prtg_network_monitor:13.1.1
Paessler » Prtg Network Monitor » Version: 13.2.3

cpe:2.3:a:paessler:prtg_network_monitor:13.2.3
Paessler » Prtg Network Monitor » Version: 13.3.4

cpe:2.3:a:paessler:prtg_network_monitor:13.3.4
Paessler » Prtg Network Monitor » Version: 13.3.5

cpe:2.3:a:paessler:prtg_network_monitor:13.3.5
Paessler » Prtg Network Monitor » Version: 13.3.6

cpe:2.3:a:paessler:prtg_network_monitor:13.3.6
Paessler » Prtg Network Monitor » Version: 13.4.6

cpe:2.3:a:paessler:prtg_network_monitor:13.4.6
Paessler » Prtg Network Monitor » Version: 13.4.7

cpe:2.3:a:paessler:prtg_network_monitor:13.4.7
Paessler » Prtg Network Monitor » Version: 14.1.8

cpe:2.3:a:paessler:prtg_network_monitor:14.1.8
Paessler » Prtg Network Monitor » Version: 14.1.9

cpe:2.3:a:paessler:prtg_network_monitor:14.1.9
Paessler » Prtg Network Monitor » Version: 14.2.9

cpe:2.3:a:paessler:prtg_network_monitor:14.2.9
Paessler » Prtg Network Monitor » Version: 14.3.10

cpe:2.3:a:paessler:prtg_network_monitor:14.3.10
Paessler » Prtg Network Monitor » Version: 14.3.11

cpe:2.3:a:paessler:prtg_network_monitor:14.3.11
Paessler » Prtg Network Monitor » Version: 14.4.12

cpe:2.3:a:paessler:prtg_network_monitor:14.4.12
Paessler » Prtg Network Monitor » Version: 14.4.12.3282

cpe:2.3:a:paessler:prtg_network_monitor:14.4.12.3282
Paessler » Prtg Network Monitor » Version: 14.4.13

cpe:2.3:a:paessler:prtg_network_monitor:14.4.13
Paessler » Prtg Network Monitor » Version: 15.1.13

cpe:2.3:a:paessler:prtg_network_monitor:15.1.13
Paessler » Prtg Network Monitor » Version: 15.1.15

cpe:2.3:a:paessler:prtg_network_monitor:15.1.15
Paessler » Prtg Network Monitor » Version: 15.2.16

cpe:2.3:a:paessler:prtg_network_monitor:15.2.16
Paessler » Prtg Network Monitor » Version: 15.2.17

cpe:2.3:a:paessler:prtg_network_monitor:15.2.17
Paessler » Prtg Network Monitor » Version: 15.3.18

cpe:2.3:a:paessler:prtg_network_monitor:15.3.18
Paessler » Prtg Network Monitor » Version: 15.3.19

cpe:2.3:a:paessler:prtg_network_monitor:15.3.19
Paessler » Prtg Network Monitor » Version: 15.4.20

cpe:2.3:a:paessler:prtg_network_monitor:15.4.20
Paessler » Prtg Network Monitor » Version: 15.4.21

cpe:2.3:a:paessler:prtg_network_monitor:15.4.21
Paessler » Prtg Network Monitor » Version: 16.1.22

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22
Paessler » Prtg Network Monitor » Version: 16.1.22.2011

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2011
Paessler » Prtg Network Monitor » Version: 16.1.22.2012

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2012
Paessler » Prtg Network Monitor » Version: 16.1.22.2251

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2251
Paessler » Prtg Network Monitor » Version: 16.1.22.2252

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2252
Paessler » Prtg Network Monitor » Version: 16.1.22.2391

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2391
Paessler » Prtg Network Monitor » Version: 16.1.22.2392

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2392
Paessler » Prtg Network Monitor » Version: 16.1.22.2565

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2565
Paessler » Prtg Network Monitor » Version: 16.1.22.2566

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2566
Paessler » Prtg Network Monitor » Version: 16.1.22.2657

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2657
Paessler » Prtg Network Monitor » Version: 16.1.22.2658

cpe:2.3:a:paessler:prtg_network_monitor:16.1.22.2658
Paessler » Prtg Network Monitor » Version: 16.2.23

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23
Paessler » Prtg Network Monitor » Version: 16.2.23.3077

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3077
Paessler » Prtg Network Monitor » Version: 16.2.23.3078

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3078
Paessler » Prtg Network Monitor » Version: 16.2.23.3171

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3171
Paessler » Prtg Network Monitor » Version: 16.2.23.3172

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3172
Paessler » Prtg Network Monitor » Version: 16.2.23.3233

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3233
Paessler » Prtg Network Monitor » Version: 16.2.23.3234

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3234
Paessler » Prtg Network Monitor » Version: 16.2.23.3269

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3269
Paessler » Prtg Network Monitor » Version: 16.2.23.3270

cpe:2.3:a:paessler:prtg_network_monitor:16.2.23.3270
Paessler » Prtg Network Monitor » Version: 16.2.24

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24
Paessler » Prtg Network Monitor » Version: 16.2.24.3685

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.3685
Paessler » Prtg Network Monitor » Version: 16.2.24.3686

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.3686
Paessler » Prtg Network Monitor » Version: 16.2.24.3791

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.3791
Paessler » Prtg Network Monitor » Version: 16.2.24.3792

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.3792
Paessler » Prtg Network Monitor » Version: 16.2.24.4045

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4045
Paessler » Prtg Network Monitor » Version: 16.2.24.4046

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4046
Paessler » Prtg Network Monitor » Version: 16.2.24.4273

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4273
Paessler » Prtg Network Monitor » Version: 16.2.24.4274

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4274
Paessler » Prtg Network Monitor » Version: 16.2.24.4469

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4469
Paessler » Prtg Network Monitor » Version: 16.2.24.4470

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4470
Paessler » Prtg Network Monitor » Version: 16.2.24.4665

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4665
Paessler » Prtg Network Monitor » Version: 16.2.24.4666

cpe:2.3:a:paessler:prtg_network_monitor:16.2.24.4666
Paessler » Prtg Network Monitor » Version: 16.3.24.4979

cpe:2.3:a:paessler:prtg_network_monitor:16.3.24.4979
Paessler » Prtg Network Monitor » Version: 16.3.24.4980

cpe:2.3:a:paessler:prtg_network_monitor:16.3.24.4980
Paessler » Prtg Network Monitor » Version: 16.3.24.5302

cpe:2.3:a:paessler:prtg_network_monitor:16.3.24.5302
Paessler » Prtg Network Monitor » Version: 16.3.24.5303

cpe:2.3:a:paessler:prtg_network_monitor:16.3.24.5303
Paessler » Prtg Network Monitor » Version: 16.3.25

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25
Paessler » Prtg Network Monitor » Version: 16.3.25.5488

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.5488
Paessler » Prtg Network Monitor » Version: 16.3.25.5489

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.5489
Paessler » Prtg Network Monitor » Version: 16.3.25.5766

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.5766
Paessler » Prtg Network Monitor » Version: 16.3.25.5767

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.5767
Paessler » Prtg Network Monitor » Version: 16.3.25.6072

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.6072
Paessler » Prtg Network Monitor » Version: 16.3.25.6073

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.6073
Paessler » Prtg Network Monitor » Version: 16.3.25.6123

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.6123
Paessler » Prtg Network Monitor » Version: 16.3.25.6124

cpe:2.3:a:paessler:prtg_network_monitor:16.3.25.6124
Paessler » Prtg Network Monitor » Version: 16.3.26

cpe:2.3:a:paessler:prtg_network_monitor:16.3.26
Paessler » Prtg Network Monitor » Version: 16.3.26.6384

cpe:2.3:a:paessler:prtg_network_monitor:16.3.26.6384
Paessler » Prtg Network Monitor » Version: 16.3.26.6385

cpe:2.3:a:paessler:prtg_network_monitor:16.3.26.6385
Paessler » Prtg Network Monitor » Version: 16.4.27

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27
Paessler » Prtg Network Monitor » Version: 16.4.27.6719

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6719
Paessler » Prtg Network Monitor » Version: 16.4.27.6720

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6720
Paessler » Prtg Network Monitor » Version: 16.4.27.6845

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6845
Paessler » Prtg Network Monitor » Version: 16.4.27.6846

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6846
Paessler » Prtg Network Monitor » Version: 16.4.27.6984

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6984
Paessler » Prtg Network Monitor » Version: 16.4.27.6985

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.6985
Paessler » Prtg Network Monitor » Version: 16.4.27.7140

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.7140
Paessler » Prtg Network Monitor » Version: 16.4.27.7141

cpe:2.3:a:paessler:prtg_network_monitor:16.4.27.7141
Paessler » Prtg Network Monitor » Version: 16.4.28

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28
Paessler » Prtg Network Monitor » Version: 16.4.28.7279

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28.7279
Paessler » Prtg Network Monitor » Version: 16.4.28.7339

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28.7339
Paessler » Prtg Network Monitor » Version: 16.4.28.7352

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28.7352
Paessler » Prtg Network Monitor » Version: 16.4.28.7403

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28.7403
Paessler » Prtg Network Monitor » Version: 16.4.28.7421

cpe:2.3:a:paessler:prtg_network_monitor:16.4.28.7421
Paessler » Prtg Network Monitor » Version: 17.1.28

cpe:2.3:a:paessler:prtg_network_monitor:17.1.28
Paessler » Prtg Network Monitor » Version: 17.1.28.1032

cpe:2.3:a:paessler:prtg_network_monitor:17.1.28.1032
Paessler » Prtg Network Monitor » Version: 17.1.28.1341

cpe:2.3:a:paessler:prtg_network_monitor:17.1.28.1341
Paessler » Prtg Network Monitor » Version: 17.1.29

cpe:2.3:a:paessler:prtg_network_monitor:17.1.29
Paessler » Prtg Network Monitor » Version: 17.1.29.1427

cpe:2.3:a:paessler:prtg_network_monitor:17.1.29.1427
Paessler » Prtg Network Monitor » Version: 17.1.29.1531

cpe:2.3:a:paessler:prtg_network_monitor:17.1.29.1531
Paessler » Prtg Network Monitor » Version: 17.1.30

cpe:2.3:a:paessler:prtg_network_monitor:17.1.30
Paessler » Prtg Network Monitor » Version: 17.1.30.1618

cpe:2.3:a:paessler:prtg_network_monitor:17.1.30.1618
Paessler » Prtg Network Monitor » Version: 17.1.30.1681

cpe:2.3:a:paessler:prtg_network_monitor:17.1.30.1681
Paessler » Prtg Network Monitor » Version: 17.1.30.1719

cpe:2.3:a:paessler:prtg_network_monitor:17.1.30.1719
Paessler » Prtg Network Monitor » Version: 17.2.30.1767

cpe:2.3:a:paessler:prtg_network_monitor:17.2.30.1767
Paessler » Prtg Network Monitor » Version: 17.2.30.1825

cpe:2.3:a:paessler:prtg_network_monitor:17.2.30.1825
Paessler » Prtg Network Monitor » Version: 17.2.30.1883

cpe:2.3:a:paessler:prtg_network_monitor:17.2.30.1883
Paessler » Prtg Network Monitor » Version: 17.2.31

cpe:2.3:a:paessler:prtg_network_monitor:17.2.31
Paessler » Prtg Network Monitor » Version: 17.2.31.1917

cpe:2.3:a:paessler:prtg_network_monitor:17.2.31.1917
Paessler » Prtg Network Monitor » Version: 17.2.31.1977

cpe:2.3:a:paessler:prtg_network_monitor:17.2.31.1977
Paessler » Prtg Network Monitor » Version: 17.2.31.2018

cpe:2.3:a:paessler:prtg_network_monitor:17.2.31.2018
Paessler » Prtg Network Monitor » Version: 17.2.31.2153

cpe:2.3:a:paessler:prtg_network_monitor:17.2.31.2153
Paessler » Prtg Network Monitor » Version: 17.2.32

cpe:2.3:a:paessler:prtg_network_monitor:17.2.32
Paessler » Prtg Network Monitor » Version: 17.2.32.2206

cpe:2.3:a:paessler:prtg_network_monitor:17.2.32.2206
Paessler » Prtg Network Monitor » Version: 17.2.32.2279

cpe:2.3:a:paessler:prtg_network_monitor:17.2.32.2279
Paessler » Prtg Network Monitor » Version: 17.3.32.2309

cpe:2.3:a:paessler:prtg_network_monitor:17.3.32.2309
Paessler » Prtg Network Monitor » Version: 17.3.32.2339

cpe:2.3:a:paessler:prtg_network_monitor:17.3.32.2339
Paessler » Prtg Network Monitor » Version: 17.3.32.2478

cpe:2.3:a:paessler:prtg_network_monitor:17.3.32.2478
Paessler » Prtg Network Monitor » Version: 17.3.33

cpe:2.3:a:paessler:prtg_network_monitor:17.3.33
Paessler » Prtg Network Monitor » Version: 17.3.33.2686

cpe:2.3:a:paessler:prtg_network_monitor:17.3.33.2686
Paessler » Prtg Network Monitor » Version: 17.3.33.2753

cpe:2.3:a:paessler:prtg_network_monitor:17.3.33.2753
Paessler » Prtg Network Monitor » Version: 17.3.33.2830

cpe:2.3:a:paessler:prtg_network_monitor:17.3.33.2830
Paessler » Prtg Network Monitor » Version: 17.4.33.3251

cpe:2.3:a:paessler:prtg_network_monitor:17.4.33.3251
Paessler » Prtg Network Monitor » Version: 17.4.33.3283

cpe:2.3:a:paessler:prtg_network_monitor:17.4.33.3283
Paessler » Prtg Network Monitor » Version: 17.4.35

cpe:2.3:a:paessler:prtg_network_monitor:17.4.35
Paessler » Prtg Network Monitor » Version: 17.4.35.3441

cpe:2.3:a:paessler:prtg_network_monitor:17.4.35.3441
Paessler » Prtg Network Monitor » Version: 17.4.36

cpe:2.3:a:paessler:prtg_network_monitor:17.4.36
Paessler » Prtg Network Monitor » Version: 17.4.36.3595

cpe:2.3:a:paessler:prtg_network_monitor:17.4.36.3595
Paessler » Prtg Network Monitor » Version: 17.4.36.3670

cpe:2.3:a:paessler:prtg_network_monitor:17.4.36.3670
Paessler » Prtg Network Monitor » Version: 18.1.36

cpe:2.3:a:paessler:prtg_network_monitor:18.1.36
Paessler » Prtg Network Monitor » Version: 18.1.36.3728

cpe:2.3:a:paessler:prtg_network_monitor:18.1.36.3728
Paessler » Prtg Network Monitor » Version: 18.1.36.3733

cpe:2.3:a:paessler:prtg_network_monitor:18.1.36.3733
Paessler » Prtg Network Monitor » Version: 18.1.37

cpe:2.3:a:paessler:prtg_network_monitor:18.1.37
Paessler » Prtg Network Monitor » Version: 18.1.37.12158

cpe:2.3:a:paessler:prtg_network_monitor:18.1.37.12158
Paessler » Prtg Network Monitor » Version: 18.1.37.13946

cpe:2.3:a:paessler:prtg_network_monitor:18.1.37.13946
Paessler » Prtg Network Monitor » Version: 18.1.38

cpe:2.3:a:paessler:prtg_network_monitor:18.1.38
Paessler » Prtg Network Monitor » Version: 18.1.38.11934

cpe:2.3:a:paessler:prtg_network_monitor:18.1.38.11934
Paessler » Prtg Network Monitor » Version: 18.1.38.11958

cpe:2.3:a:paessler:prtg_network_monitor:18.1.38.11958
Paessler » Prtg Network Monitor » Version: 18.2.39

cpe:2.3:a:paessler:prtg_network_monitor:18.2.39
Paessler » Prtg Network Monitor » Version: 18.2.39.1661

cpe:2.3:a:paessler:prtg_network_monitor:18.2.39.1661
Paessler » Prtg Network Monitor » Version: 18.2.40

cpe:2.3:a:paessler:prtg_network_monitor:18.2.40
Paessler » Prtg Network Monitor » Version: 7.1.3.3378

cpe:2.3:a:paessler:prtg_network_monitor:7.1.3.3378

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19410

Products

Pricing

Contact Us