Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paessler prtg network monitor vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-19411
PRTG Network Monitor prior to 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
Paessler Prtg Network Monitor
9.8
CVSSv3
CVE-2018-19410
PRTG Network Monitor prior to 18.2.40.1683 allows remote unauthenticated malicious users to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /...
Paessler Prtg Network Monitor
2 Github repositories
7.5
CVSSv3
CVE-2018-19203
PRTG Network Monitor prior to 18.2.41.1652 allows remote unauthenticated malicious users to terminate the PRTG Core Server Service via a special HTTP request.
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2018-19204
PRTG Network Monitor prior to 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2018-9276
An issue exists in PRTG Network Monitor prior to 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters i...
Paessler Prtg Network Monitor
1 EDB exploit
2 Github repositories
7.5
CVSSv3
CVE-2018-10253
Paessler PRTG Network Monitor prior to 18.1.39.1648 mishandles stack memory during unspecified API calls.
Paessler Prtg Network Monitor
1 EDB exploit
1 Github repository
6.5
CVSSv3
CVE-2017-15917
In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server.
Paessler Prtg Network Monitor 17.3.33.2830
6.7
CVSSv3
CVE-2017-15651
PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.
Paessler Prtg Network Monitor 17.3.33.2830
5.4
CVSSv3
CVE-2017-15360
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
Paessler Prtg Network Monitor 17.3.33.2830
6.1
CVSSv3
CVE-2017-15009
PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter.
Paessler Prtg Network Monitor 17.3.33.2830
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »