Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Paessler PRTG Network Monitor 权限许可和访问控制问题漏洞
Vulnerability Description
Paessler PRTG Network Monitor是德国Paessler公司的一套网络监控软件。该软件提供使用情况的监测、数据包嗅探、深入分析和简明的报告等功能。 Paessler PRTG Network Monitor 18.2.40.1683之前版本中存在安全漏洞,该漏洞源于程序没有检查或正确的检查用户权限。具有只读权限的攻击者可通过发送HTTP请求利用该漏洞创建具有读写权限的账户(包括管理员账户)。
CVSS Information
N/A
Vulnerability Type
N/A