Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
prtg vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-19411
PRTG Network Monitor prior to 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights.
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2019-11073
A Remote Code Execution vulnerability exists in PRTG Network Monitor prior to 19.4.54.1506 that allows malicious users to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote au...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2019-11074
A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows malicious users to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation whe...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2023-32782
A command injection was identified in PRTG 23.2.84.1566 and previous versions versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The s...
Paessler Prtg Network Monitor
7.2
CVSSv3
CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and previous versions versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. ...
Paessler Prtg Network Monitor
9.8
CVSSv3
CVE-2020-10374
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.
Paessler Prtg Network Monitor
5.4
CVSSv3
CVE-2021-29643
PRTG Network Monitor prior to 21.3.69.1333 allows stored XSS via an unsanitized string imported from a User Object in a connected Active Directory instance.
Paessler Prtg Network Monitor
6.1
CVSSv3
CVE-2023-51630
Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability...
Paessler Prtg Network Monitor
8.8
CVSSv3
CVE-2018-19204
PRTG Network Monitor prior to 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_...
Paessler Prtg Network Monitor
5.5
CVSSv3
CVE-2019-19119
An issue exists in PRTG 7.x up to and including 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
Paessler Prtg Network Monitor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »