PT-2021-17331 · Paessler · PRTG Network Monitor

Published: 2021-03-31 · Updated: 2021-04-06 · CVE-2021-27220

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: PRTG Network Monitor versions prior to 21.1.66.1623
Description: An issue was discovered in PRTG Network Monitor. By invoking the screenshot functionality with prepared context paths, an attacker can verify the existence of certain files on the filesystem of the PRTG web server.
Recommendations: For versions prior to 21.1.66.1623, update to version 21.1.66.1623 or later to resolve the issue. As a temporary workaround, consider restricting access to the screenshot functionality until a patch is applied.

Fix

Related Identifiers

CVE-2021-27220

Affected Products

PRTG Network Monitor