Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
network monitor vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2023-31448
A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it poss...
Paessler Prtg Network Monitor
4.7
CVSSv3
CVE-2023-31449
A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. Thi...
Paessler Prtg Network Monitor
4.7
CVSSv3
CVE-2023-31450
A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made...
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2023-31452
A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and previous versions versions that allows remote malicious users to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigge...
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2021-27220
An issue exists in PRTG Network Monitor prior to 21.1.66.1623. By invoking the screenshot functionality with prepared context paths, an attacker is able to verify the existence of certain files on the filesystem of the PRTG's Web server.
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2018-13442
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
Solarwinds Network Performance Monitor
5.5
CVSSv3
CVE-2019-19119
An issue exists in PRTG 7.x up to and including 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
Paessler Prtg Network Monitor
9.8
CVSSv3
CVE-2020-10374
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2020-11547
PRTG Network Monitor prior to 20.1.57.1745 allows remote unauthenticated malicious users to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm ...
Paessler Prtg Network Monitor
2 Github repositories
7.2
CVSSv3
CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and previous versions versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. ...
Paessler Prtg Network Monitor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »