Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paessler prtg network monitor vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-19411
PRTG Network Monitor prior to 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2019-11073
A Remote Code Execution vulnerability exists in PRTG Network Monitor prior to 19.4.54.1506 that allows malicious users to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote au...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2019-11074
A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows malicious users to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation whe...
Paessler Prtg Network Monitor
5.4
CVSSv3
CVE-2017-12879
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor prior to 17.3.33.2654 allows authenticated remote malicious users to inject arbitrary web script or HTML.
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and previous versions versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. ...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2023-32782
A command injection was identified in PRTG 23.2.84.1566 and previous versions versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The s...
Paessler Prtg Network Monitor
4.7
CVSSv3
CVE-2023-31448
A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it poss...
Paessler Prtg Network Monitor
4.7
CVSSv3
CVE-2023-31449
A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. Thi...
Paessler Prtg Network Monitor
4.7
CVSSv3
CVE-2023-31450
A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and previous versions versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made...
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2023-31452
A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and previous versions versions that allows remote malicious users to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigge...
Paessler Prtg Network Monitor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »