vulnerability

Paessler PRTG Network Monitor: CVE-2018-9276: Improper Neutralization of Special Elements used in an OS Command

Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Jul 2, 2018
Added
Apr 30, 2025
Modified
May 1, 2025

Description

An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.

Solution

paessler-prtg-network-monitor-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.