The PRTG web server accepts PUT and DELETE requests. Is this a security issue?

Modified on 2025-06-10 12:05:12 +0200

A security scanner was able to send a test file to the PRTG web server without providing any login data. Does this mean a security leak?

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

No, the security of the PRTG web server is not compromised. It only processes GET, POST, and HEAD requests. PUT and DELETE requests are accepted, but the sent data is not processed at all. It is discarded.

In order to make it easy to detect denial of service (DoS) attacks, PRTG will write an entry in its log file for each discarded request.

Dec, 2010 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

The PRTG web server accepts PUT and DELETE requests. Is this a security issue?

Article CommentsAttention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

Search

Attention

Related Articles

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.