CVE-2020-11547

MEDIUM NUCLEI

PRTG Network Monitor < 20.1.57.1745 - Unauthenticated Information Disclosure via login.htm or index.htm

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-11547. PoCs published by ch-rigu. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository provides a writeup for CVE-2020-11547, detailing an information disclosure vulnerability in PRTG Network Monitor. The vulnerability allows unauthenticated users to retrieve sensitive system information by manipulating the 'type' parameter in specific HTTP requests.

Description

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.

Exploits (1)

nomisec WRITEUP 4 stars
by ch-rigu · poc
https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure

Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: PRTG Network Monitor
No auth needed
Prerequisites: Network access to the target PRTG Network Monitor instance
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

PRTG Network Monitor <20.1.57.1745 - Information Disclosure
MEDIUM · VERIFIED · by x6263
Shodan: title:"prtg" || http.title:"prtg"
FOFA: title="prtg"

Scores

CVSS v3 5.3
EPSS 0.5206
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE CWE-306
Status published
Products (1)
paessler/prtg_network_monitor < 20.1.57.1745
Published Apr 05, 2020
Tracked Since Feb 18, 2026