Vendor scorecard
Paessler
Paessler security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: paessler
Product families
1
Open in latest
9
Inferred — see methodology
Last disclosure
Jan 14, 2026
01
Product categories
1 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| PRTG Network MonitorNetwork Management & Monitoringprtg_network_monitor | 4 | 9 | 25.4.114.1032HIGH |
02
Recent CVEs
4 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-67835(opens NVD record) | Medium | 6.5 | Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service (DoS) by an authenticated attacker via the Notification Contacts functionality. | Jan 14, 2026 |
| CVE-2025-67834(opens NVD record) | Medium | 5.4 | Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the filter parameter. | Jan 14, 2026 |
| CVE-2025-67833(opens NVD record) | Medium | 6.1 | Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the tag parameter. | Jan 14, 2026 |
| CVE-2024-12833(opens NVD record) | Medium | 6.1 | Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. Some user interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the PRTG Network Monitor web interface. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-23371. | Feb 11, 2025 |
4 CVEs · 1 product families