CVE-2025-67833
Published 2026-01-14
CVE-2025-67833: Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the tag parameter.
Priority P4 · 30 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.22% (12.6th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paessler | prtg_network_monitor | < 25.4.114.1032 | 25.4.114.1032 |
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-67834 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67834: PRTG Network Monitor vulnerability analysis and mitigation
Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the filter parameter.
Source: NVD
Score: 5.4
Published: January 14, 2026
Severity: MEDIUM
CNA Score: 5.4
Affected Technologies: PRTG Network Monitor
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 27.7
Exploitation Probability (EPSS): 0.1
Affected packages and libraries
cpe:2.3:a:paessler:prtg_network_monitor
Sources
Windows Severity MEDIUM Has Fix Added at: Jan 21, 2026
Windows Severity MEDIUM Has Fix Added at: Jan 22, 2026
Wiz
CVE-2025-67833 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67833: PRTG Network Monitor vulnerability analysis and mitigation
Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the tag parameter.
Source: NVD
Score: 6.1
Published: January 14, 2026
Severity: MEDIUM
CNA Score: 6.1
Affected Technologies: PRTG Network Monitor
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 27.7
Exploitation Probability (EPSS): 0.1
Affected packages and libraries
cpe:2.3:a:paessler:prtg_network_monitor
Sources
Windows Severity MEDIUM Has Fix Added at: Jan 21, 2026
Windows Severity MEDIUM Has Fix Added at: Jan 22, 2026
Wiz
CVE-2025-67835 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67835: PRTG Network Monitor vulnerability analysis and mitigation
Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service (DoS) by an authenticated attacker via the Notification Contacts functionality.
Source: NVD
Score: 6.5
Published: January 14, 2026
Severity: MEDIUM
CNA Score: 6.5
Affected Technologies: PRTG Network Monitor
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 19.4
Exploitation Probability (EPSS): 0.1
Affected packages and libraries
cpe:2.3:a:paessler:prtg_network_monitor
Sources
Windows Severity MEDIUM Has Fix Added at: Jan 21, 2026
Windows Severity MEDIUM Has Fix Added at: Jan 22, 2026
Published: 2026-01-14