CVE-2023-31448
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Summary
CVE-2023-31448 is a medium severity path traversal vulnerability affecting PRTG 23.2.84.1566 and earlier versions of the HL7 sensor. An authenticated user with write permissions can manipulate the HL7 sensor to behave differently for existing and non-existing files, enabling path traversal. This allows the sensor to execute files outside of the designated custom sensors folder. The vulnerability has a CVSS score of 4.7 and can be exploited through network (N) and local (L) access with high (H) privileges, affecting confidentiality (C) and integrity (I) of data.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- PRTG Network Monitor
Affected Vendors
- Paessler AG