Shodan
Vulnerabilities
Vulnerable Software
Paessler:  >> Prtg Network Monitor  >> 7.1.3.3378  Security Vulnerabilities
CVE-2018-19203
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
CVSS Score
7.5
EPSS Score
0.008
Published
2018-11-12
CVE-2018-19204
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \Custom Sensors\EXE directory and execute it by creating EXE/Script Sensor.
CVSS Score
8.8
EPSS Score
0.031
Published
2018-11-12
CVE-2018-9276
Known exploited
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.
CVSS Score
7.2
EPSS Score
0.838
Published
2018-07-02
CVE-2018-10253
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
CVSS Score
7.5
EPSS Score
0.102
Published
2018-04-21
CVE-2017-12879
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-08-24
CVE-2017-9816
Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-08-18
CVE-2016-5078
Paessler PRTG before 16.2.24.4045 has XSS via SNMP.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-04-10
CVE-2015-7743
XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-01-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved