By kannthu
The "PRTG Traffic Grapher - Unauthenticated Access" module is designed to detect a misconfiguration vulnerability in the PRTG Traffic Grapher software. This vulnerability allows unauthorized access to the software without the need for authentication. The severity of this vulnerability is classified as high.
This module was authored by dhiyaneshDK.
If exploited, this vulnerability could allow attackers to gain unauthorized access to the PRTG Traffic Grapher software. This can lead to potential data breaches, unauthorized monitoring of network traffic, and other malicious activities.
The module works by sending an HTTP GET request to the "/sensorlist.htm" path of the target system. It then applies matching conditions to determine if the PRTG Traffic Grapher software is present and if the response status is 200 (OK).
The matching conditions used in this module are:
- The response must contain the word "PRTG Traffic Grapher".
- The response status must be 200 (OK).

If both conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /sensorlist.htm
Note: The module definition in JSON format is not shown here for simplicity.
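The two matchers described above, written as a check a defender can run against PRTG hosts they administer. This is an added example, not the module's own definition; the function names, the choice not to follow redirects, and the sample responses are assumptions of this example.

```python
import urllib.error
import urllib.request

PROBE_PATH = "/sensorlist.htm"    # request path given on the page
MARKER = "PRTG Traffic Grapher"   # word matcher given on the page


def evaluate(status, body):
    """Apply both matchers (AND); return (exposed, reason)."""
    if status != 200:
        return False, f"status {status}: sensor list not served anonymously"
    if MARKER not in body:
        return False, "status 200 but marker absent: not a PRTG sensor list"
    return True, "sensor list served without authentication"


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Assumption of this example: a 3xx (e.g. to a login page) is not a 200."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # urllib then raises HTTPError carrying the 3xx code


def check_host(base_url, timeout=5.0):
    """Send the single GET to a host you administer and evaluate the reply."""
    opener = urllib.request.build_opener(NoRedirect)
    url = base_url.rstrip("/") + PROBE_PATH
    try:
        with opener.open(url, timeout=timeout) as resp:
            body = resp.read(1_000_000).decode("utf-8", errors="replace")
            return evaluate(resp.status, body)
    except urllib.error.HTTPError as exc:      # 3xx/401/403/404 ...
        return evaluate(exc.code, "")
    except OSError as exc:                     # URLError, timeouts, refused
        return False, f"unreachable: {exc}"


# Constructed responses for an offline run, not captured from a real device.
SAMPLES = {
    "open":   (200, "<title>PRTG Traffic Grapher - Sensor List</title>"),
    "login":  (401, "Unauthorized"),
    "other":  (200, "<title>Welcome to nginx</title>"),
    "moved":  (302, ""),
}

if __name__ == "__main__":
    for name, (status, body) in SAMPLES.items():
        print(name, *evaluate(status, body))
```

A host that reports as exposed should have its web interface placed behind authentication or restricted to a management network, then be re-checked until the result is no longer positive.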
Reference:
- https://www.exploit-db.com/ghdb/5808
Metadata:
max-request: 1