CVE-2018-19204

Name of the Vulnerable Software and Affected Versions PRTG Network Monitor versions prior to 18.3.44.2054 PRTG Network Monitor versions prior to 19.4.54.1506

Description The issue allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. This is due to the mishandling of user input in the proxyport parameter when creating an HTTP Advanced Sensor. An attacker can craft an HTTP request to override the writeresult command-line parameter for HttpAdvancedSensor.exe, allowing them to store arbitrary data in any location on the file system. For instance, an attacker can create an executable file in the Custom SensorsEXE directory and execute it by creating an EXE/Script Sensor.

Recommendations For versions prior to 18.3.44.2054, update to version 18.3.44.2054 or later to resolve the issue. For versions prior to 19.4.54.1506, update to version 19.4.54.1506 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTP Advanced Sensor and EXE/Script Sensor features until a patch is applied.