ID OPENVAS:1361412562310112711 Type openvas Reporter Copyright (C) 2020 Greenbone Networks GmbH Modified 2020-03-26T00:00:00
Description
PRTG Network Monitor is prone to multiple vulnerabilities.
# Copyright (C) 2020 Greenbone Networks GmbH
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
CPE = "cpe:/a:paessler:prtg_network_monitor";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.112711");
script_version("2020-03-26T07:22:55+0000");
script_tag(name:"last_modification", value:"2020-03-26 07:22:55 +0000 (Thu, 26 Mar 2020)");
script_tag(name:"creation_date", value:"2020-03-18 11:14:00 +0000 (Wed, 18 Mar 2020)");
script_tag(name:"cvss_base", value:"9.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_cve_id("CVE-2019-11074");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("PRTG Network Monitor < 19.3.52.3502 Multiple Vulnerabilities");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
script_family("Web application abuses");
script_dependencies("gb_prtg_network_monitor_detect.nasl");
script_mandatory_keys("prtg_network_monitor/installed");
script_tag(name:"summary", value:"PRTG Network Monitor is prone to multiple vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"PRTG Network Monitor is prone to multiple vulnerabilities:
- A potential Denial of Service (DoS) vulnerability of the HTTP Full Web Page sensor (CVE-2019-11074)
- Reflected XSS vulnerabilities with medium severity on the PRTG core server. The potential vulnerabilities
affected tag filters, object IDs, and the contact support/feedback page.");
script_tag(name:"affected", value:"PRTG Network Monitor prior to version 19.3.52.3502.");
script_tag(name:"solution", value:"Update to version 19.3.52.3502 or later.");
script_xref(name:"URL", value:"https://www.paessler.com/prtg/history/stable");
script_xref(name:"URL", value:"https://how2itsec.blogspot.com/2019/10/security-fixes-in-prtg-1935152.html");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!port = get_app_port(cpe: CPE))
exit(0);
if(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if(version_is_less(version: version, test_version: "19.3.52.3502")) {
report = report_fixed_ver(installed_version: version, fixed_version: "19.3.52.3502", install_path: location);
security_message(port: port, data: report);
exit(0);
}
exit(99);
{"id": "OPENVAS:1361412562310112711", "type": "openvas", "bulletinFamily": "scanner", "title": "PRTG Network Monitor < 19.3.52.3502 Multiple Vulnerabilities", "description": "PRTG Network Monitor is prone to multiple vulnerabilities.", "published": "2020-03-18T00:00:00", "modified": "2020-03-26T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112711", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["https://how2itsec.blogspot.com/2019/10/security-fixes-in-prtg-1935152.html", "https://www.paessler.com/prtg/history/stable"], "cvelist": ["CVE-2019-11074"], "lastseen": "2020-03-27T17:05:45", "viewCount": 26, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-11074"]}], "rev": 4}, "score": {"value": 6.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2019-11074"]}]}, "exploitation": null, "vulnersScore": 6.5}, "pluginID": "1361412562310112711", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:paessler:prtg_network_monitor\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112711\");\n script_version(\"2020-03-26T07:22:55+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 07:22:55 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-18 11:14:00 +0000 (Wed, 18 Mar 2020)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_cve_id(\"CVE-2019-11074\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PRTG Network Monitor < 19.3.52.3502 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_prtg_network_monitor_detect.nasl\");\n script_mandatory_keys(\"prtg_network_monitor/installed\");\n\n script_tag(name:\"summary\", value:\"PRTG Network Monitor is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PRTG Network Monitor is prone to multiple vulnerabilities:\n\n - A potential Denial of Service (DoS) vulnerability of the HTTP Full Web Page sensor (CVE-2019-11074)\n\n - Reflected XSS vulnerabilities with medium severity on the PRTG core server. The potential vulnerabilities\n affected tag filters, object IDs, and the contact support/feedback page.\");\n\n script_tag(name:\"affected\", value:\"PRTG Network Monitor prior to version 19.3.52.3502.\");\n\n script_tag(name:\"solution\", value:\"Update to version 19.3.52.3502 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.paessler.com/prtg/history/stable\");\n script_xref(name:\"URL\", value:\"https://how2itsec.blogspot.com/2019/10/security-fixes-in-prtg-1935152.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif(version_is_less(version: version, test_version: \"19.3.52.3502\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"19.3.52.3502\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645694904}}
{"cve": [{"lastseen": "2022-03-23T19:11:14", "description": "A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation when passing arguments to the phantomjs.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Full Web Page Sensor and set specific settings when executing the sensor.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-17T15:15:00", "type": "cve", "title": "CVE-2019-11074", "cwe": ["CWE-434"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11074"], "modified": "2021-06-29T13:51:00", "cpe": ["cpe:/a:paessler:prtg_network_monitor:19.1.49"], "id": "CVE-2019-11074", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11074", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:paessler:prtg_network_monitor:19.1.49:*:*:*:*:*:*:*"]}]}
