Prtg Network Monitor

Being Stubborn Pays Off pt. 2 – Tale of two 0days on PRTG Network Monitor

22 May 2020 ~9 min By Javier Jimenez

0day Exploit Development Webapps Dos Monitor Network Poc Proofofconcept Prtg Prtg Network Monitor Rce Shodan

Intro Last year I wrote how to weaponize CVE-2018-19204. This blog post will continue and elaborate on the finding and analysis of two additional vulnerabilities that were discovered during the process; one leading to an arbitrary write as system where the contents can’t be fully controlled and the other leading to Remote Code Execution as SYSTEM. Both vulnerabilities require you to have the administrator password for PRTG Network Monitor. Often you just get lucky, as the software defaults to prtgadmin:prtgadmin for the username and password respectively.

Being Stubborn Pays Off pt. 1 – CVE-2018-19204

18 April 2019 ~10 min By Javier Jimenez

Cve Exploit Development Internals Webapps 0day Cve-2018-19204 Exploit Prtg Network Monitor Web Application

Intro During an internal assessment, I came across monitoring software that had default credentials configured. This monitoring software allowed for the creation of sensors, but, none of which would allow for code execution or any other things that could compromise an underlying system. Turns out, it was a vulnerable version based on a publicly known CVE, but there was no public exploit code. Join me in this quest on building an exploit!

Page 1 of 1