What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Is PRTG affected by CVE-2023-22631 or CVE-2023-22632?

Votes:

0

What is the status of CVE-2023-22631 and CVE-2023-22632? Do I need to do anything?

cve-2023-22631 cve-2023-22632 exe prtg security

Created on May 30, 2023 8:51:55 AM by Jacqueline Conforti [Paessler Support]

Last change on May 30, 2023 1:18:50 PM by Jacqueline Conforti [Paessler Support]



1 Reply

Votes:

0

This article applies as of PRTG 23.1.82

Summary

As of PRTG 23.1.82, the vulnerability affecting the FTP Server Count and HTTP XML/REST Value sensors was addressed and fixed.

For more information on the vulnerability found, see CVE-2023-22631 and CVE-2023-22632.

Details

As part of the PRTG security checks, an authorized and authenticated tester reported a vulnerability in certain EXE sensors that allowed users to write an arbitrary file on the probe system. The vulnerabilities were addressed in PRTG 23.1.82.

We recommend that you always update to the latest version of PRTG via the Auto-Update feature to maintain the highest level of security.

Created on May 30, 2023 1:17:38 PM by Jacqueline Conforti [Paessler Support]

Last change on Jun 6, 2023 8:42:47 AM by Jacqueline Conforti [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.