Multiple vulnerabilities in PRTG Network Monitor



Published: 2017-10-04 | Updated: 2020-08-08
Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2017-15917
CVE-2017-15651
CVE-2017-15360
CVE-2017-15008
CVE-2017-15009
CWE-ID CWE-269
CWE-20
CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		PRTG Network Monitor
Server applications / Remote management servers, RDP, SSH

Vendor Paessler AG

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper Privilege Management

EUVDB-ID: #VU38018

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15917

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PRTG Network Monitor: 17.3.33.2830

CPE2.3 External links

http://medium.com/stolabs/security-issue-on-prtg-network-manager-ada65b45d37b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU38025

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15651

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local privileged user to execute arbitrary code.

PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PRTG Network Monitor: 17.3.33.2830

CPE2.3 External links

http://medium.com/stolabs/security-issue-on-prtg-network-manager-ada65b45d37b


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cross-site scripting

EUVDB-ID: #VU38070

Risk: Low

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15360

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to read and manipulate data.

PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PRTG Network Monitor: 17.3.33.2830

CPE2.3 External links

http://medium.com/stolabs/security-issue-on-prtg-network-manager-ada65b45d37b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Cross-site scripting

EUVDB-ID: #VU38146

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15008

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote privileged user to read and manipulate data.

PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PRTG Network Monitor: 17.3.33.2830

CPE2.3 External links

http://medium.com/stolabs/security-issue-on-prtg-network-manager-ada65b45d37b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Cross-site scripting

EUVDB-ID: #VU38147

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15009

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PRTG Network Monitor: 17.3.33.2830

CPE2.3 External links

http://medium.com/stolabs/security-issue-on-prtg-network-manager-ada65b45d37b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###