CVE-2018-19410
Paessler PRTG Network Monitor Local File Inclusion Vulnerability
CVSS
—
No CVSS
EPSS
86.5%
p100
KEV
YES
Feb 4, 2025
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Paessler / PRTG Network Monitor
Vulnerability
Paessler PRTG Network Monitor Local File Inclusion Vulnerability
Added to KEV
Feb 4, 2025
Remediate by
Feb 25, 2025
Known ransomware use
No
Summary description
Paessler PRTG Network Monitor contains a local file inclusion vulnerability that allows a remote, unauthenticated attacker to create users with read-write privileges (including administrator).
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://www.paessler.com/prtg/history/prtg-18#18.2.41.1652 ; https://nvd.nist.gov/vuln/detail/CVE-2018-19410