Arbitrary file upload in Paessler Prtg_network_monitor
CVE-2019-11074
A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) d…
Vulnerability class: Unrestricted File Upload
EPSS: 0.045 (90.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Paessler Prtg_network_monitor
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_MISC, Release Notes, Vendor Advisory)
- cve@mitre.org (Exploit, Third Party Advisory, x_refsource_MISC)
- cve@mitre.org (Third Party Advisory, x_refsource_MISC, Release Notes)
Frequently asked questions
- What is CVE-2019-11074?
- CVE-2019-11074 is a high-severity vulnerability in Paessler Prtg_network_monitor, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 7.2/10. Published 2020-03-17.
- How severe is CVE-2019-11074?
- High severity. CVSS v3 base score is 7.2 out of 10.