Paessler · Prtg Network Monitor · CVE-2021-34547
Name of the Vulnerable Software and Affected Versions:
PRTG Network Monitor version 20.1.55.1775
Description:
The issue allows for Cross-Site Request Forgery (CSRF) attacks on the /editsettings endpoint, which can lead to the creation of new user accounts.
Recommendations:
For PRTG Network Monitor version 20.1.55.1775, consider restricting access to the /editsettings endpoint to prevent unauthorized user account creation until a patch is available.