CVE-2023-31449

The CVE-2023-31449 entry describes a path traversal in Paessler PRTG Network Monitor’s WMI Custom sensor (versions 23.2.84.1566 and earlier). An authenticated user with write permissions could exploit the WMI Custom sensor to behave differently for existing vs non-existing files, enabling path tr...

CVE-2023-31448

CVE-2023-31448 affects Paessler PRTG Network Monitor: the HL7 sensor in version 23.2.84.1566 and earlier allows an authenticated user with write privileges to manipulate HL7 input and cause path traversal, enabling execution of files outside the designated custom sensors folder. This results in p...

Paessler PRTG Network Monitor Command Injection Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. Paessler PRTG Network Monitor version 23.2.83.1760 suffers from a command injection vulnerability that originates from an injectable command-line parameter, which can be exploited t...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

PT-2023-23336 · Prtg · Prtg

Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A path traversal vulnerability was identified in the SQL v2 sensors where an authenticated user with write permissions could trick the sensors into behaving differently for existing and...

CVE-2023-31450

A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made it possible to traverse...

CVE-2023-31448

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

PT-2023-23333 · Prtg · Prtg

Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A path traversal vulnerability was identified in the HL7 sensor where an authenticated user with write permissions could trick the sensor into behaving differently for existing files and...

PT-2023-24016 · Prtg · Prtg

Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A command injection issue was identified in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially...

Paessler PRTG Network Monitor Path Traversal Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A path traversal vulnerability exists in Paessler PRTG Network Monitor version 23.2.83.1760, which stems from the creation of an HL7 sensor that allows the user to set the HL7 messa...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-32781

CVE-2023-32781 affects Paessler PRTG Network Monitor, specifically the HL7 sensor in versions 23.2.84.1566 and earlier. Affects an authenticated user with write permissions who can abuse the sensor’s debug option to write new files, potentially enabling execution by the EXE/Script sensor and resu...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

PT-2023-24015 · Paessler · Prtg

Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A command injection issue was identified in the HL7 sensor of PRTG, where an authenticated user with write permissions could abuse the debug option to write new files that could potentially...

PT-2023-23334 · Prtg · Prtg

Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A path traversal vulnerability was identified in the WMI Custom sensor where an authenticated user with write permissions could trick the sensor into behaving differently for existing files...

Paessler PRTG Network Monitor Command Injection Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A command injection vulnerability exists in Paessler PRTG Network Monitor version 23.2.83.1760, which stems from command line parameter injection and undocumented debug feature flag...

OESA-2023-1437 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb-cb initialization in the ipvlan network...

KeySight N6841A RF Sensor smsRestoreDatabaseZip Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

KeySight N6841A RF Sensor deleteFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...