Strix
26.1K

CVE-2009-1849

UnknownEPSS 1.03%

Last modified

CVE-2009-1849 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.. EPSS estimates a 1.03% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Metrics

EPSS Probability
1.03%

59.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
PaesslerPrtg Traffic Grapher<= 6.2.977
PaesslerPrtg Traffic Grapher4.0.7.139
PaesslerPrtg Traffic Grapher4.0.8.154
PaesslerPrtg Traffic Grapher4.1.0.256
PaesslerPrtg Traffic Grapher4.1.0.257
PaesslerPrtg Traffic Grapher4.1.0.265
PaesslerPrtg Traffic Grapher4.1.0.266
PaesslerPrtg Traffic Grapher4.2.0.356
PaesslerPrtg Traffic Grapher4.2.0.357
PaesslerPrtg Traffic Grapher4.2.0.363
PaesslerPrtg Traffic Grapher4.2.0.364
PaesslerPrtg Traffic Grapher4.2.1.385
PaesslerPrtg Traffic Grapher4.2.1.386
PaesslerPrtg Traffic Grapher4.3.0.470
PaesslerPrtg Traffic Grapher4.3.0.471
PaesslerPrtg Traffic Grapher4.3.1.498
PaesslerPrtg Traffic Grapher4.3.1.505
PaesslerPrtg Traffic Grapher4.3.1.510
PaesslerPrtg Traffic Grapher4.3.1.522
PaesslerPrtg Traffic Grapher4.3.1.534
PaesslerPrtg Traffic Grapher4.3.1.562
PaesslerPrtg Traffic Grapher4.3.1.566
PaesslerPrtg Traffic Grapher5.0.1.300
PaesslerPrtg Traffic Grapher5.0.1.310
PaesslerPrtg Traffic Grapher5.0.1.356
PaesslerPrtg Traffic Grapher5.0.3.379
PaesslerPrtg Traffic Grapher5.0.3.398
PaesslerPrtg Traffic Grapher5.1.0.452
PaesslerPrtg Traffic Grapher5.1.1.474
PaesslerPrtg Traffic Grapher5.2.0.548
PaesslerPrtg Traffic Grapher5.2.0.549
PaesslerPrtg Traffic Grapher5.2.0.559
PaesslerPrtg Traffic Grapher5.2.0.560
PaesslerPrtg Traffic Grapher5.2.0.565
PaesslerPrtg Traffic Grapher5.2.0.566
PaesslerPrtg Traffic Grapher5.2.0.574
PaesslerPrtg Traffic Grapher5.2.0.575
PaesslerPrtg Traffic Grapher5.2.0.581
PaesslerPrtg Traffic Grapher5.2.0.582
PaesslerPrtg Traffic Grapher5.3.0.687
PaesslerPrtg Traffic Grapher5.3.0.738
PaesslerPrtg Traffic Grapher5.3.0.739
PaesslerPrtg Traffic Grapher5.3.0.758
PaesslerPrtg Traffic Grapher5.3.0.759
PaesslerPrtg Traffic Grapher5.3.0.812
PaesslerPrtg Traffic Grapher5.3.0.813
PaesslerPrtg Traffic Grapher5.3.0.833
PaesslerPrtg Traffic Grapher5.3.0.834
PaesslerPrtg Traffic Grapher5.3.0.862
PaesslerPrtg Traffic Grapher5.3.0.863

Showing 50 of 95 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-1849?
Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
How severe is CVE-2009-1849?
Severity scoring for CVE-2009-1849 is pending analysis. The EPSS model estimates a 1.03% probability of exploitation in the next 30 days.
How do I fix CVE-2009-1849?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-1849?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST