Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paessler vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and previous versions versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. ...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2023-32782
A command injection was identified in PRTG 23.2.84.1566 and previous versions versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The s...
Paessler Prtg Network Monitor
5.3
CVSSv3
CVE-2022-35739
PRTG Network Monitor up to and including 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data is inse...
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2018-19411
PRTG Network Monitor prior to 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
Paessler Prtg Network Monitor
NA
CVE-2006-4461
Paessler IPCheck Server Monitor prior to 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.
Paessler Ipcheck Server Monitor
5.3
CVSSv3
CVE-2021-27220
An issue exists in PRTG Network Monitor prior to 21.1.66.1623. By invoking the screenshot functionality with prepared context paths, an attacker is able to verify the existence of certain files on the filesystem of the PRTG's Web server.
Paessler Prtg Network Monitor
6.1
CVSSv3
CVE-2016-5078
Paessler PRTG prior to 16.2.24.4045 has XSS via SNMP.
Paessler Prtg Network Monitor
5.5
CVSSv3
CVE-2019-19119
An issue exists in PRTG 7.x up to and including 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
Paessler Prtg Network Monitor
6.1
CVSSv3
CVE-2019-9206
PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. NOTE: This product is discontinued.
Paessler Prtg Network Monitor 7.1.3.3378
6.7
CVSSv3
CVE-2017-15651
PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.
Paessler Prtg Network Monitor 17.3.33.2830
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »