PT-2018-1931 · Paessler · PRTG Network Monitor

Dmitry Galecha · Published 2018-05-07 · Updated 2025-03-14 · CVE-2018-19410

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

PRTG Network Monitor versions prior to 18.2.40.1683

Description

The issue stems from insecure privilege management in PRTG Network Monitor: it allows remote, unauthenticated attackers to create users with read-write privileges, including administrators. This is achieved by crafting an HTTP request that overrides attributes of the 'include' directive in /public/login.htm, performing a Local File Inclusion attack that includes and executes /api/addusers. The attack supplies the id and users parameters to that endpoint.

Recommendations

For versions prior to 18.2.40.1683, update to version 18.2.40.1683 or later to resolve the issue. As a temporary workaround, restrict access to the /public/login.htm and /api/addusers endpoints to minimize the risk of exploitation. Additionally, restrict the use of the id and users parameters in the affected API endpoint until the update is applied.
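The two defensive checks a practitioner takes from this advisory are a version gate (is the installation prior to 18.2.40.1683?) and a watch on the two endpoints named above. The script below is an added example, not Positive Technologies' or Paessler's code. It assumes a simplified, constructed access-log format (client, method, request target, status) and uses ATTR_PLACEHOLDER for the overridden 'include' attribute, whose real name the advisory does not give; it flags /public/login.htm requests whose query references /api/addusers or carries id/users, and any direct call to /api/addusers.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# First fixed release named in the advisory.
FIXED_VERSION = (18, 2, 40, 1683)


def parse_version(v):
    """Turn a dotted PRTG version string into a 4-tuple of ints (missing parts -> 0)."""
    parts = tuple(int(p) for p in v.strip().split("."))
    return parts + (0,) * (4 - len(parts))


def is_vulnerable_version(v):
    """True when the installed version is prior to 18.2.40.1683."""
    return parse_version(v) < FIXED_VERSION


# Hypothetical log format (constructed for this example): "<client> <METHOD> <target> <status>"
LOG_RE = re.compile(r"^(?P<client>\S+) (?P<method>[A-Z]+) (?P<target>\S+) (?P<status>\d{3})$")


def classify_request(line):
    """Return a list of reasons a log line matches the advisory's attack pattern.

    [] means the line parsed but looks benign; None means it did not parse.
    """
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    path = parts.path.lower()
    # Decode twice so a double-encoded query still reveals the included path.
    decoded_query = unquote(unquote(parts.query)).lower()
    params = parse_qs(parts.query, keep_blank_values=True)
    reasons = []
    if path == "/public/login.htm":
        if "/api/addusers" in decoded_query:
            reasons.append("login.htm query references /api/addusers")
        if "id" in params or "users" in params:
            reasons.append("login.htm request carries id/users parameters")
    elif path == "/api/addusers":
        reasons.append("direct call to /api/addusers")
    return reasons


def scan_log(lines):
    """Return (line, reasons) for every line that matches the pattern."""
    flagged = []
    for line in lines:
        reasons = classify_request(line)
        if reasons:
            flagged.append((line, reasons))
    return flagged


# Constructed sample log: one benign login page hit, one benign page, one
# login.htm request that includes /api/addusers with id/users, one direct call.
SAMPLE_LOG = [
    "203.0.113.5 GET /public/login.htm?lang=en 200",
    "203.0.113.5 GET /index.htm 200",
    "198.51.100.7 GET /public/login.htm?ATTR_PLACEHOLDER=%2Fapi%2Faddusers&id=200&users=newuser 200",
    "198.51.100.7 GET /api/addusers?id=200&users=newuser 200",
]

if __name__ == "__main__":
    for version in ("18.2.39.1661", "18.2.40.1683"):
        print(version, "vulnerable" if is_vulnerable_version(version) else "fixed")
    for line, reasons in scan_log(SAMPLE_LOG):
        print(line, "->", "; ".join(reasons))
```

Run it against real PRTG web-server logs by adapting LOG_RE to the actual format; the classification logic itself only depends on the request target. The version check pads short version strings with zeros, so "18.2.40" is treated as prior to the fixed build.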

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2018-01538
CVE-2018-19410

Affected Products

PRTG Network Monitor