Paessler PRTG Path Traversal Vulnerability Fixed by 16.1.21.1421/1422


Description   A path traversal vulnerability was reported in the network monitor of Paessler PRTG. A remote attacker could exploit it via a specially crafted URL in order to gain access to files on the host. No further information is available.
     
Vulnerable Products   Vulnerable Software:
PRTG (Paessler) - 15.2.16.2229/2230, 15.2.17, 15.3.18, 15.3.18.3271/3272, 15.3.18.3333/3334, ..., 15.4.20.4377/4378, 15.4.20.4423/4424, 15.4.20.4491/4492, 15.4.20.4589/4590, 16.1.21.1257/1258
     
Solution   Version 16.1.21.1421/1422 of Paessler PRTG fixes this vulnerability.
     
CVE  
     
References   - PRTG : Critical Security Update Available for PRTG Network Monitor
https://www.paessler.com/blog/2016/01/26/all-about-prtg/critical-security-update-for-prtg-january-2016
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm   Available Since
Misc : Directory traversal - parameter starting with ../   3.2.0
Directory traversal using ..\..   3.2.0
Directory traversal   3.2.0
Directory traversal backward root folder   3.2.0
     


 
 
 
 
Risk level   Moderate

Vulnerability First Public Report Date   2016-01-26

Target Type   Server

Possible exploit   Remote