CWE-79

CVE-2009-1849: XSS

First published: Mon Jun 01 2009

Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: cve@mitre.org

Affected Software | Affected Version | How to fix
Paessler PRTG Network Monitor | <=6.2.977
Paessler PRTG Network Monitor | =4.0.7.139
Paessler PRTG Network Monitor | =4.0.8.154
Paessler PRTG Network Monitor | =4.1.0.256
Paessler PRTG Network Monitor | =4.1.0.257
Paessler PRTG Network Monitor | =4.1.0.265
Paessler PRTG Network Monitor | =4.1.0.266
Paessler PRTG Network Monitor | =4.2.0.356
Paessler PRTG Network Monitor | =4.2.0.357
Paessler PRTG Network Monitor | =4.2.0.363
Paessler PRTG Network Monitor | =4.2.0.364
Paessler PRTG Network Monitor | =4.2.1.385
Paessler PRTG Network Monitor | =4.2.1.386
Paessler PRTG Network Monitor | =4.3.0.470
Paessler PRTG Network Monitor | =4.3.0.471
Paessler PRTG Network Monitor | =4.3.1.498
Paessler PRTG Network Monitor | =4.3.1.505
Paessler PRTG Network Monitor | =4.3.1.510
Paessler PRTG Network Monitor | =4.3.1.522
Paessler PRTG Network Monitor | =4.3.1.534
Paessler PRTG Network Monitor | =4.3.1.562
Paessler PRTG Network Monitor | =4.3.1.566
Paessler PRTG Network Monitor | =5.0.1.300
Paessler PRTG Network Monitor | =5.0.1.310
Paessler PRTG Network Monitor | =5.0.1.356
Paessler PRTG Network Monitor | =5.0.3.379
Paessler PRTG Network Monitor | =5.0.3.398
Paessler PRTG Network Monitor | =5.1.0.452
Paessler PRTG Network Monitor | =5.1.1.474
Paessler PRTG Network Monitor | =5.2.0.548
Paessler PRTG Network Monitor | =5.2.0.549
Paessler PRTG Network Monitor | =5.2.0.559
Paessler PRTG Network Monitor | =5.2.0.560
Paessler PRTG Network Monitor | =5.2.0.565
Paessler PRTG Network Monitor | =5.2.0.566
Paessler PRTG Network Monitor | =5.2.0.574
Paessler PRTG Network Monitor | =5.2.0.575
Paessler PRTG Network Monitor | =5.2.0.581
Paessler PRTG Network Monitor | =5.2.0.582
Paessler PRTG Network Monitor | =5.3.0.687
Paessler PRTG Network Monitor | =5.3.0.738
Paessler PRTG Network Monitor | =5.3.0.739
Paessler PRTG Network Monitor | =5.3.0.758
Paessler PRTG Network Monitor | =5.3.0.759
Paessler PRTG Network Monitor | =5.3.0.812
Paessler PRTG Network Monitor | =5.3.0.813
Paessler PRTG Network Monitor | =5.3.0.833
Paessler PRTG Network Monitor | =5.3.0.834
Paessler PRTG Network Monitor | =5.3.0.862
Paessler PRTG Network Monitor | =5.3.0.863
Paessler PRTG Network Monitor | =6.0.2.255
Paessler PRTG Network Monitor | =6.0.2.256
Paessler PRTG Network Monitor | =6.0.3.258
Paessler PRTG Network Monitor | =6.0.3.259
Paessler PRTG Network Monitor | =6.0.3.261
Paessler PRTG Network Monitor | =6.0.3.262
Paessler PRTG Network Monitor | =6.0.3.284
Paessler PRTG Network Monitor | =6.0.3.285
Paessler PRTG Network Monitor | =6.0.4.332
Paessler PRTG Network Monitor | =6.0.4.333
Paessler PRTG Network Monitor | =6.0.4.335
Paessler PRTG Network Monitor | =6.0.4.336
Paessler PRTG Network Monitor | =6.0.4.393
Paessler PRTG Network Monitor | =6.0.4.394
Paessler PRTG Network Monitor | =6.0.5.417
Paessler PRTG Network Monitor | =6.0.5.441
Paessler PRTG Network Monitor | =6.0.5.442
Paessler PRTG Network Monitor | =6.0.5.450
Paessler PRTG Network Monitor | =6.0.5.451
Paessler PRTG Network Monitor | =6.0.6.585
Paessler PRTG Network Monitor | =6.0.6.586
Paessler PRTG Network Monitor | =6.0.6.601
Paessler PRTG Network Monitor | =6.0.6.602
Paessler PRTG Network Monitor | =6.0.6.625
Paessler PRTG Network Monitor | =6.0.6.626
Paessler PRTG Network Monitor | =6.0.6.675
Paessler PRTG Network Monitor | =6.0.6.676
Paessler PRTG Network Monitor | =6.1.0.683_beta
Paessler PRTG Network Monitor | =6.1.0.750
Paessler PRTG Network Monitor | =6.1.0.751
Paessler PRTG Network Monitor | =6.1.0.753
Paessler PRTG Network Monitor | =6.1.0.754
Paessler PRTG Network Monitor | =6.1.0.756
Paessler PRTG Network Monitor | =6.1.0.757
Paessler PRTG Network Monitor | =6.1.1.854
Paessler PRTG Network Monitor | =6.1.1.855
Paessler PRTG Network Monitor | =6.2.0.907
Paessler PRTG Network Monitor | =6.2.0.908
Paessler PRTG Network Monitor | =6.2.1.950
Paessler PRTG Network Monitor | =6.2.1.951
Paessler PRTG Network Monitor | =6.2.1.957
Paessler PRTG Network Monitor | =6.2.1.958
Paessler PRTG Network Monitor | =6.2.1.963
Paessler PRTG Network Monitor | =6.2.1.964
Paessler PRTG Network Monitor

Frequently Asked Questions

  • What is the severity of CVE-2009-1849?

    The severity of CVE-2009-1849 is classified as high due to its ability to allow remote attackers to inject arbitrary web scripts or HTML.

  • How do I fix CVE-2009-1849?

    To fix CVE-2009-1849, upgrade PRTG Traffic Grapher to a version later than 6.2.2.977 that addresses the XSS vulnerability.

  • Which versions of PRTG Traffic Grapher are affected by CVE-2009-1849?

    CVE-2009-1849 affects all versions of PRTG Traffic Grapher prior to 6.2.2.977.

  • What types of attacks are possible due to CVE-2009-1849?

    CVE-2009-1849 allows attackers to execute cross-site scripting (XSS) attacks, potentially compromising user sessions and stealing sensitive information.

  • Is there a way to mitigate CVE-2009-1849 without updating?

    Without updating, mitigation of CVE-2009-1849 is limited, but implementing security measures such as input validation and content security policies may reduce risk.
