Description
ntopng versions prior to 4.2 contain an authentication bypass vulnerability (CVE-2021-28073) that allows attackers to circumvent the web interface authentication mechanism. By sending a specially crafted HTTP request, an attacker can gain unauthorized access to the ntopng web interface without providing valid credentials. This vulnerability affects the core authentication logic of the web server component.
Remediation
Immediately upgrade ntopng to version 4.2 or later to remediate this vulnerability. Follow these steps:
1. Verify your current ntopng version by checking the web interface or running:
ntopng --version2. Download the latest stable version from the official ntopng website (https://www.ntop.org/)
3. Stop the ntopng service before upgrading
4. Install the updated version following the distribution-specific installation instructions
5. Restart the ntopng service and verify the new version is running
6. Review access logs for any suspicious authentication attempts or unauthorized access during the vulnerable period
As a temporary mitigation if immediate patching is not possible, restrict network access to the ntopng web interface using firewall rules to allow only trusted IP addresses.
References
Related Vulnerabilities
MySQL CVE-2018-2573 Vulnerability (CVE-2018-2573)
MySQL CVE-2019-2810 Vulnerability (CVE-2019-2810)
WordPress Plugin Catch Duplicate Switcher Security Bypass (1.5.2)
Oracle JRE CVE-2012-3213 Vulnerability (CVE-2012-3213)
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-43766)