CVE-2023-32781 in PRTG Network Monitorinfo

Zusammenfassung

von MITRE • 09.08.2023

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the HL7 sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

15.05.2023

Veröffentlichung

09.08.2023

Moderieren

akzeptiert

Eintrag

VDB-236651

CPE

bereit

EPSS

0.12342

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!