CVE-2022-35739

PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data is inserted into the style tag, loading malicious content. Due to PRTG Network Monitor preventing “characters, and from modern browsers disabling JavaScript support in style tags, this vulnerability could not be escalated into a Cross-Site Scripting vulnerability.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://raxis.com/blog/cve-2022-35739	Exploit Third Party Advisory
https://www.paessler.com/prtg/history/stable	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*

History

08 Aug 2023, 14:21

Type	Values Removed	Values Added
CPE		cpe:2.3:a:paessler:prtg_network_monitor::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
References	~~(MISC) https://www.paessler.com/prtg/history/stable -~~	(MISC) https://www.paessler.com/prtg/history/stable - Release Notes, Vendor Advisory
References	~~(MISC) https://raxis.com/blog/cve-2022-35739 -~~	(MISC) https://raxis.com/blog/cve-2022-35739 - Exploit, Third Party Advisory
CWE		CWE-79

27 Oct 2022, 20:15

Type	Values Removed	Values Added
References		(MISC) https://raxis.com/blog/cve-2022-35739 -

25 Oct 2022, 17:37

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-10-25 17:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-35739

Mitre link : CVE-2022-35739

CVE.ORG link : CVE-2022-35739

JSON object : View

Products Affected

paessler

prtg_network_monitor

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2022-35739", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-10-25T17:15:54.467", "references": [{"url": "https://raxis.com/blog/cve-2022-35739", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.paessler.com/prtg/history/stable", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device\u2019s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data is inserted into the style tag, loading malicious content. Due to PRTG Network Monitor preventing \u201ccharacters, and from modern browsers disabling JavaScript support in style tags, this vulnerability could not be escalated into a Cross-Site Scripting vulnerability."}, {"lang": "es", "value": "PRTG Network Monitor versiones hasta 22.2.77.2204, no evita la entrada personalizada para el icono de un dispositivo, que puede ser modificado para insertar contenido arbitrario en la etiqueta de estilo para ese dispositivo. Cuando la p\u00e1gina del dispositivo es cargada, los datos arbitrarios de las Hojas de Estilo en Cascada (CSS) son insertadas en la etiqueta de estilo, cargando contenido malicioso. Debido a que PRTG Network Monitor previene los \"caracteres, y a que los navegadores modernos deshabilitan el soporte de JavaScript en las etiquetas de estilo, esta vulnerabilidad no pudo ser escalada a una vulnerabilidad de tipo Cross-Site Scripting"}], "lastModified": "2023-08-08T14:21:49.707", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C2A3629-2A06-4C65-A7E2-D67AFC8CC967", "versionEndExcluding": "22.3.79.2108"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}