CVE-2020-11547

MEDIUM NUCLEI

Paessler Prtg Network Monitor < 20.1.57.1745 - Missing Authentication

Title source: rule

Description

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.

Exploits (1)

nomisec WRITEUP 4 stars

by ch-rigu · poc

https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure

View Code ZIP pw:eip

Nuclei Templates (1)

PRTG Network Monitor <20.1.57.1745 - Information Disclosure

MEDIUMVERIFIEDby x6263

Shodan: title:"prtg" || http.title:"prtg"

FOFA: title="prtg"

References (1)

[Broken Link] https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure

Scores

CVSS v3 5.3

EPSS 0.8299

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-306

Status published

Products (1)

paessler/prtg_network_monitor < 20.1.57.1745

Published Apr 05, 2020

Tracked Since Feb 18, 2026