Main Vulnerability Database Vulnerabilities #VU16207

#VU16207 OS command injection in PRTG Network Monitor - CVE-2018-19204

Published: December 3, 2018

Vulnerability identifier: #VU16207

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Amber

CVE-ID: CVE-2018-19204

CWE-ID: CWE-78

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
PRTG Network Monitor

Software vendor:
Paessler AG

Description

The vulnerability allows a remote high-privileged attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to the user's input in the POST parameter 'proxyport_' is mishandled when creating an HTTP Advanced Sensor. A remote attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe and store arbitrary data in an arbitrary place on the file system to create an executable file in the Custom SensorsEXE directory and execute it by creating EXE/Script Sensor.

Remediation

Update to version 18.3.44.2054.

External links

https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/