2018-11-21 16:00:00
mitre
PUBLISHED
PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesnt check, or doesnt properly check, user rights.