
Multiple Vulnerabilities Fixed in Paessler PRTG Network Monitor 23.3.86.1520


Multiple CVEs were found in Paessler PRTG Network Monitor 23.2.84.1566, what do I need to know about them?

  • CVE-2023-31448
  • CVE-2023-31449
  • CVE-2023-31450
  • CVE-2023-31452
  • CVE-2023-32781
  • CVE-2023-32782


Created on Aug 7, 2023 1:55:01 PM by  Dariusz Gorka [Paessler Support]

Last change on Aug 7, 2023 2:26:44 PM by  Jacqueline Conforti [Paessler Support]



1 Reply

Accepted Answer


This article applies to PRTG 23.2.84.1566 and earlier


Summary

As of PRTG 23.3.86, multiple vulnerabilities were fixed. The vulnerabilities addressed are as follows.

  • Open redirect, which affects the PRTG web interface

You can view the original report posted on LinkedIn.


Details

What CVE-2023-31448 - PRTG HL7 Path Traversal is about

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).

What CVE-2023-31449 - PRTG WMI Path Traversal is about

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).

What CVE-2023-31450 - PRTG SQL Path Traversal is about

A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).

What CVE-2023-31452 - PRTG CSRF bypass is about

A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could force PRTG to execute different actions, such as creating new users. The severity of this vulnerability is high and received a score of 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

What CVE-2023-32781 - PRTG RCE HL7 Sensor is about

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerability is high and received a score of 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

What CVE-2023-32782 - PRTG RCE Dicom Query is about

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerability is high and received a score of 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

What is the Open Redirect about

An open redirect vulnerability was identified in PRTG 23.2.84.1566 and earlier versions where a URL could redirect the user to foreign domains. This could potentially be misused for phishing attacks. A user must actively click or otherwise try to visit a vulnerable URL to successfully exploit this vulnerability.


Steps to take

We recommend that you always update to the latest version of PRTG via the Auto-Update feature to maintain the highest level of security. By updating to PRTG 23.3.86.1520, your PRTG installation is not vulnerable to the above-mentioned vulnerabilities anymore.

Created on Aug 7, 2023 1:57:53 PM by  Dariusz Gorka [Paessler Support]

Last change on Aug 14, 2023 11:53:56 AM by  Alexandros Toptsoglou
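The three path traversal findings above (CVE-2023-31448, CVE-2023-31449 and CVE-2023-31450) share one root cause: a sensor accepted a file name and behaved differently depending on whether the resolved file existed, which both leaked file existence and let the resolved path leave the designated custom sensors folder. The following is an added example of the containment check a developer would put in front of any "run this script" code path. It is not Paessler's code and does not reflect PRTG's internals; the folder path, the function names and the sample requests are constructed for the example. The decision is made on the fully resolved path before the filesystem is consulted, and every rejection raises the same generic error, so the check answers identically for existing and non-existing files.

```python
"""Path-containment check for scripts under a designated custom sensors folder.

Added example (not Paessler's code). The folder path below is a constructed
placeholder; PRTG's real directory layout is not assumed.
"""
from pathlib import Path

# Constructed placeholder for the "designated custom sensors folder".
CUSTOM_SENSORS_DIR = Path("/opt/example-monitor/Custom Sensors/EXEXML")


class SensorPathError(ValueError):
    """One generic error for every rejection, so the caller learns nothing
    about whether the rejected path exists on disk."""


def resolve_sensor_script(requested: str, base: Path = CUSTOM_SENSORS_DIR) -> Path:
    """Return the resolved script path if it lies inside `base`, else raise.

    The containment decision uses only the resolved path, never an existence
    check, so a request for an existing file outside the folder and a request
    for a non-existing file outside the folder are handled identically.
    """
    if not requested or "\x00" in requested:
        raise SensorPathError("invalid sensor script")

    base_resolved = base.resolve()
    # pathlib discards `base` when `requested` is absolute, so an absolute
    # request simply fails the containment test below instead of escaping.
    candidate = (base_resolved / requested).resolve()

    # resolve() collapses '..' segments and symlinks; compare the result to the
    # folder instead of scanning the raw string for '..', which is bypassable.
    if candidate == base_resolved or base_resolved not in candidate.parents:
        raise SensorPathError("invalid sensor script")

    # Whether the file exists is deliberately not part of this decision; the
    # code that executes the script handles a missing file without telling the
    # requester anything the containment check did not already allow.
    return candidate


def is_allowed_sensor_script(requested: str, base: Path = CUSTOM_SENSORS_DIR) -> bool:
    """Boolean wrapper around resolve_sensor_script() for logging or tests."""
    try:
        resolve_sensor_script(requested, base)
        return True
    except SensorPathError:
        return False


if __name__ == "__main__":
    # Constructed sample requests: the first two stay inside the folder, the
    # remaining ones try to leave it or are malformed.
    for req in ["ping.ps1", "sub/../ping.ps1", "../../../../etc/passwd",
                "/etc/passwd", "", ".", "ping\x00.ps1"]:
        print(f"{req!r:32} allowed={is_allowed_sensor_script(req)}")
```

On a Windows host pathlib applies Windows separator rules to the same code, so no separate backslash handling is needed there; on a POSIX host a backslash is simply part of a file name and stays inside the folder. The check should run on every request, including ones that only read or test a file, because the original findings were about the sensor's observable behaviour, not only about execution.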


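The open redirect described in the answer is the one finding that needs no account at all: a user only has to follow a crafted link to a legitimate host and end up on a foreign domain. The standard mitigation is to validate the redirect target against the application's own host before issuing the redirect. The following is an added example of such a validator; it is not Paessler's code and says nothing about how PRTG's web interface builds its URLs. The host name, the function names and the sample targets are constructed for the example. It accepts only site-absolute paths and absolute URLs whose host matches exactly, and it rejects the usual bypass shapes (protocol-relative `//host`, backslash variants, user-info in the authority, non-http schemes).

```python
"""Allow-list check for HTTP redirect targets.

Added example (not Paessler's code). The host name is a constructed
placeholder standing in for the monitoring server's own host.
"""
from typing import Optional
from urllib.parse import urlsplit

OWN_HOST = "monitor.example.internal"  # constructed placeholder


def is_safe_redirect(target: str, own_host: str = OWN_HOST) -> bool:
    """True only for targets that cannot take the browser to another host."""
    if not target or any(c in target for c in "\r\n\x00"):
        return False
    # Browsers treat '\' like '/', so '/\evil.example' would otherwise parse
    # here as a harmless site-relative path while the browser sees '//evil.example'.
    normalised = target.replace("\\", "/")
    try:
        parts = urlsplit(normalised)
    except ValueError:  # e.g. an unbalanced IPv6 bracket in the authority
        return False
    # Reject javascript:, data: and anything else that is not plain http(s).
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if parts.netloc:
        # Absolute or protocol-relative URL: refuse user-info entirely, since
        # 'https://own_host@evil.example/' has evil.example as its real host,
        # then require an exact (case-insensitive) host match.
        if parts.username is not None or parts.password is not None:
            return False
        return (parts.hostname or "").lower() == own_host.lower()
    # No authority: accept only site-absolute paths. A target starting with
    # two or more slashes is rejected because browsers read it as an authority.
    return normalised.startswith("/") and not normalised.startswith("//")


def safe_redirect(target: Optional[str], fallback: str = "/",
                  own_host: str = OWN_HOST) -> str:
    """Return `target` if it passes the check, otherwise a fixed local fallback."""
    if target and is_safe_redirect(target, own_host):
        return target
    return fallback


if __name__ == "__main__":
    # Constructed sample targets, as a login page's "return to" parameter
    # might receive them.
    for t in ["/dashboard?id=1", "https://monitor.example.internal/sensors",
              "//evil.example/", "/\\evil.example/", "javascript:alert(1)",
              "https://monitor.example.internal@evil.example/",
              "https://monitor.example.internal.evil.example/"]:
        print(f"{t!r:52} -> {safe_redirect(t)}")
```

The fallback is a fixed local path rather than the untrusted value, so a rejected target never reaches the `Location` header. If the deployment serves on a non-default port, extend the host comparison to include `parts.port` so that a different port on the same host name is also refused.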