CVE-2020-11547

nvd nist nuclei

Published: Apr 5, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.

Affected (1)

Products: Paessler: Prtg Network Monitor

1 product

Prtg Network Monitor

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Paessler Prtg Network Monitor	Before 20.1.57.1745

Related CWEs

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure

Source: cve@mitre.org

Broken Link

https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.