Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paessler vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-19411
PRTG Network Monitor prior to 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
Paessler Prtg Network Monitor
4.3
CVSSv2
CVE-2018-14683
PRTG prior to 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI.
Paessler Prtg Network Monitor
4.3
CVSSv2
CVE-2017-9816
Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor prior to 17.2.32.2279 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Paessler Prtg Network Monitor
3.5
CVSSv2
CVE-2017-12879
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor prior to 17.3.33.2654 allows authenticated remote malicious users to inject arbitrary web script or HTML.
Paessler Prtg Network Monitor
5
CVSSv2
CVE-2018-19203
PRTG Network Monitor prior to 18.2.41.1652 allows remote unauthenticated malicious users to terminate the PRTG Core Server Service via a special HTTP request.
Paessler Prtg Network Monitor
9
CVSSv2
CVE-2018-19204
PRTG Network Monitor prior to 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_...
Paessler Prtg Network Monitor
5
CVSSv2
CVE-2021-27220
An issue exists in PRTG Network Monitor prior to 21.1.66.1623. By invoking the screenshot functionality with prepared context paths, an attacker is able to verify the existence of certain files on the filesystem of the PRTG's Web server.
Paessler Prtg Network Monitor
4
CVSSv2
CVE-2015-7743
XML external entity vulnerability in PRTG Network Monitor prior to 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file.
Paessler Prtg Network Monitor
7.5
CVSSv2
CVE-2020-10374
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.
Paessler Prtg Network Monitor
NA
CVE-2022-35739
PRTG Network Monitor up to and including 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data is inse...
Paessler Prtg Network Monitor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »