CVE-2023-31450

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Aug 9, 2023
Updated: Aug 16, 2023
CWE ID 22

Summary

CVE-2023-31450 is a medium severity path traversal vulnerability affecting SQL v2 sensors in PRTG versions 23.2.84.1566 and older. An authenticated user with write permissions can manipulate the sensors' behavior, allowing them to access files outside the designated custom sensors folder. This vulnerability, with a CVSS score of 4.7, can lead to confidential and integrity data loss. Attackers can also potentially execute arbitrary files on affected systems, posing a significant risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • PRTG Network Monitor

Affected Vendors

  • Paessler AG