CVE-2023-31449

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Aug 9, 2023
Updated: Aug 16, 2023
CWE ID 22

Summary

CVE-2023-31449 is a newly identified medium-severity vulnerability affecting the WMI Custom sensor in PRTG versions 23.2.84.1566 and earlier. Authenticated users with write permissions can exploit this path traversal issue to trick the sensor into executing files outside the designated custom sensors folder. The vulnerability, which received a CVSS score of 4.7, allows attacked users to navigate through system paths, potentially leading to Local Confidentiality, Integrity, and Availability impacts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • PRTG Network Monitor

Affected Vendors

  • Paessler AG