Information disclosure

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. in the United States, designed specifically for use in smartwatches, smart bands, and other wearable devices. Google Wear OS has a security vulnerability that stems from the presence of privilege bypass in multiple locations,...

PT-2023-18018 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows for the retrieval of sensor data without proper permissions due to a permissions bypass. This can lead to local information disclosure,...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

CVE-2023-31448

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

CVE-2023-31448

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

Command injection

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

Command injection

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

Path traversal

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

Path traversal

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

Paessler PRTG Network Monitor Cross-Site Request Forgery Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A cross-site request forgery vulnerability exists in Paessler PRTG Network Monitor version 23.2.83.1760, which stems from NetApp Volume Sensor transmitting plaintext credentials ove...