Vulnerabilities > Paessler
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-21 | CVE-2018-19411 | Improper Privilege Management vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write account (including administrator) via an HTTP request because /api/addusers doesn't check, or doesn't properly check, user rights. | 6.5 |
| 2018-11-21 | CVE-2018-19410 | Unspecified vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). | 7.5 |
| 2018-11-12 | CVE-2018-19204 | Improper Input Validation vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. | 9.0 |
| 2018-11-12 | CVE-2018-19203 | Unspecified vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request. | 5.0 |
| 2018-07-02 | CVE-2018-9276 | OS Command Injection vulnerability in Paessler Prtg Network Monitor An issue was discovered in PRTG Network Monitor before 18.2.39. | 7.2 |
| 2018-04-21 | CVE-2018-10253 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paessler Prtg Network Monitor Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls. | 5.0 |
| 2017-10-26 | CVE-2017-15917 | Improper Privilege Management vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. | 4.0 |
| 2017-10-20 | CVE-2017-15651 | Improper Input Validation vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message. | 6.5 |
| 2017-10-15 | CVE-2017-15360 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script. | 3.5 |
| 2017-10-04 | CVE-2017-15009 | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter. | 4.3 |