CVE-2018-19203
CVE-2018-19203 is a high-severity vulnerability in Paessler Prtg Network Monitor with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 3.x base score 7.5)
- CVSS v2: 5.0
- EPSS exploit prediction: 3% (85th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Paessler Prtg Network Monitor
- Published:
- Last modified:
Description
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
Frequently asked questions
- What is CVE-2018-19203?
- PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
- How severe is CVE-2018-19203?
- CVE-2018-19203 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2018-19203 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 3% (85th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2018-19203?
- CVE-2018-19203 affects Paessler Prtg Network Monitor. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2018-19203?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2018-19203 published?
- CVE-2018-19203 was published on 2018-11-12 and last updated on 2026-06-17.
References
- http://en.securitylab.ru/lab/PT-2018-22
- https://www.paessler.com/prtg/history/stable#18.2.41.1652
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/
Affected products (1)
- cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*
More vulnerabilities in Paessler Prtg Network Monitor
- CVE-2020-10374 — Critical (CVSS 9.8): A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command…
- CVE-2018-19410 — Critical (CVSS 9.8): PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write…
- CVE-2023-31452 — High (CVSS 8.8): A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows…
- CVE-2018-19411 — High (CVSS 8.8): PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user…
- CVE-2018-19204 — High (CVSS 8.8): PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute…
- CVE-2018-10253 — High (CVSS 7.5): Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.