CVE-2020-10374 — CVSS 9.8 (critical): A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a…
CVE-2023-31452 — CVSS 8.8 (high): A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to…
CVE-2018-19204 — CVSS 8.8 (high): PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and…
CVE-2018-19411 — CVSS 8.8 (high): PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with a read-only account to create another user with a read-write…
CVE-2018-10253 — CVSS 7.5 (high): Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
CVE-2018-19203 — CVSS 7.5 (high): PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special…
CVE-2019-11073 — CVSS 7.2 (high): A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to…
CVE-2023-32781 — CVSS 7.2 (high): A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user…
CVE-2023-32782 — CVSS 7.2 (high): A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with…
CVE-2019-11074 — CVSS 7.2 (high): A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files…
CVE-2017-15651 — CVSS 6.7 (medium): PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then…
CVE-2015-7743 — CVSS 6.5 (medium): XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary…
CVE-2017-15917 — CVSS 6.5 (medium): In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to…
CVE-2025-67835 — CVSS 6.5 (medium): Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service (DoS) by an authenticated attacker via the Notification Contacts…
CVE-2017-9816 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary…
CVE-2019-9206 — CVSS 6.1 (medium): PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. NOTE: This product is discontinued.
CVE-2019-9207 — CVSS 6.1 (medium): PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. NOTE: This product is discontinued.
CVE-2017-15009 — CVSS 6.1 (medium): PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg…
CVE-2019-19119 — CVSS 5.5 (medium): An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service…
CVE-2021-29643 — CVSS 5.4 (medium): PRTG Network Monitor before 21.3.69.1333 allows stored XSS via an unsanitized string imported from a User Object in a connected Active…
CVE-2017-15360 — CVSS 5.4 (medium): PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect…
CVE-2017-12879 — CVSS 5.4 (medium): Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before…
CVE-2025-67834 — CVSS 5.4 (medium): Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the filter parameter.
CVE-2020-14073 — CVSS 5.4 (medium): XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and…
CVE-2021-27220 — CVSS 5.3 (medium): An issue was discovered in PRTG Network Monitor before 21.1.66.1623. By invoking the screenshot functionality with prepared context paths…
CVE-2020-11547 — CVSS 5.3 (medium): PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server…
CVE-2022-35739 — CVSS 5.3 (medium): PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary…
CVE-2017-15008 — CVSS 4.8 (medium): PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error…
CVE-2023-31449 — CVSS 4.7 (medium): A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated…
CVE-2023-31450 — CVSS 4.7 (medium): A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and earlier versions where an authenticated user…
CVE-2023-31448 — CVSS 4.7 (medium): A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with…