Anton Vaychikauskas

**Name of the Vulnerable Software and Affected Versions** Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 **Description** An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. **Recommendations** For Apache Superset versions 1.5.2 and prior, update to a version that fixes this issue. For Apache Superset version 2.0.0, update to a version that fixes this issue. As a temporary workaround, consider restricting write CSS template permissions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PRTG Network Monitor versions prior to 18.3.44.2054 PRTG Network Monitor versions prior to 19.4.54.1506 **Description** The issue allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. This is due to the mishandling of user input in the `proxyport ` parameter when creating an HTTP Advanced Sensor. An attacker can craft an HTTP request to override the `writeresult` command-line parameter for HttpAdvancedSensor.exe, allowing them to store arbitrary data in any location on the file system. For instance, an attacker can create an executable file in the Custom SensorsEXE directory and execute it by creating an EXE/Script Sensor. **Recommendations** For versions prior to 18.3.44.2054, update to version 18.3.44.2054 or later to resolve the issue. For versions prior to 19.4.54.1506, update to version 19.4.54.1506 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTP Advanced Sensor and EXE/Script Sensor features until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** PRTG Network Monitor versions prior to 18.2.40.1683 **Description** The issue is related to insecure privilege management, allowing an authenticated user with read-only privileges to create another user with read-write privileges, including administrators. This can be achieved by sending a specially crafted HTTP request to the /api/addusers endpoint, which does not properly check user rights. **Recommendations** For versions prior to 18.2.40.1683, update to version 18.2.40.1683 or later to resolve the issue. As a temporary workaround, consider restricting access to the /api/addusers endpoint to prevent exploitation.

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 (17.1.1) Description: An issue was discovered in the legacy .ASP pages of Ipswitch WhatsUp Gold, where multiple SQL injection vulnerabilities are present. These vulnerabilities could allow attackers to execute arbitrary SQL commands via unspecified vectors. Recommendations: For Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 (17.1.1), update to version 2017 Plus SP1 (17.1.1) or later to resolve the issue. As a temporary workaround, consider restricting access to the legacy .ASP pages to minimize the risk of exploitation.