Path traversal

2023-08-0912:15:00

PRIOn knowledge base

www.prio-n.com

wmi custom sensor

path traversal

prtg

vulnerability

medium severity

cvss

nvd

5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.4%

JSON

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CPENameOperatorVersion
prtg_network_monitorlt23.3.86.1520

CPE	Name	Operator	Version
	prtg_network_monitor	lt	23.3.86.1520

References

kb.paessler.com/en/topic/91845-multiple-vulnerabilites-fixed-in-paessler-prtg-network-monitor-23-3-86-1520

www.paessler.com/prtg/history/stable