CVE-2018-9276

unknown KEV

Published 2025-02-04 · Modified 2025-02-04

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

Paessler PRTG Network Monitor contains an OS command injection vulnerability that allows an attacker with administrative privileges to execute commands via the PRTG System Administrator web console.

CISA KEV

Vendor: Paessler
Product: PRTG Network Monitor
Due date: 2025-02-25

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://www.paessler.com/prtg/history/prtg-18#18.2.39 ; https://nvd.nist.gov/vuln/detail/CVE-2018-9276

Exploits

References

https://www.paessler.com/prtg/history/prtg-18#18.2.39 ; https://nvd.nist.gov/vuln/detail/CVE-2018-9276

Verify integrity in audit chain (admin only). AS-IS.