CVE-2023-32781 in PRTG Network Monitorالمعلومات

الملخص

بحسب MITRE • 09/08/2023

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the HL7 sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

حجز

15/05/2023

إفشاء

09/08/2023

الاعتدال

تمت الموافقة

إدخال

VDB-236651

EPSS

0.12342

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!