CVE-2018-19411

Published: 2018-11-21T16:29Z

Last Modified: 2024-11-21T03:57Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt