Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paessler prtg network monitor vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-9816
Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor prior to 17.2.32.2279 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Paessler Prtg Network Monitor
6.1
CVSSv3
CVE-2016-5078
Paessler PRTG prior to 16.2.24.4045 has XSS via SNMP.
Paessler Prtg Network Monitor
5.5
CVSSv3
CVE-2019-19119
An issue exists in PRTG 7.x up to and including 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
Paessler Prtg Network Monitor
5.4
CVSSv3
CVE-2021-29643
PRTG Network Monitor prior to 21.3.69.1333 allows stored XSS via an unsanitized string imported from a User Object in a connected Active Directory instance.
Paessler Prtg Network Monitor
5.4
CVSSv3
CVE-2020-14073
XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert JavaScript code. This can be exploited against any user with View Maps or Edit Maps acces...
Paessler Prtg Network Monitor 20.1.56.1574
5.4
CVSSv3
CVE-2017-15360
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
Paessler Prtg Network Monitor 17.3.33.2830
5.4
CVSSv3
CVE-2017-12879
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor prior to 17.3.33.2654 allows authenticated remote malicious users to inject arbitrary web script or HTML.
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2022-35739
PRTG Network Monitor up to and including 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data is inse...
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2021-27220
An issue exists in PRTG Network Monitor prior to 21.1.66.1623. By invoking the screenshot functionality with prepared context paths, an attacker is able to verify the existence of certain files on the filesystem of the PRTG's Web server.
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2020-11547
PRTG Network Monitor prior to 20.1.57.1745 allows remote unauthenticated malicious users to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm ...
Paessler Prtg Network Monitor
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »