[R1] Sensor Proxy Version 1.0.8 Fixes Multiple Vulnerabilities

R1 Sensor Proxy Version 1.0.8 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 08/15/2023 - 15:13 Sensor Proxy leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been ma...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Information disclosure

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21232

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2023-18018 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows for the retrieval of sensor data without proper permissions due to a permissions bypass. This can lead to local information disclosure,...

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. in the United States, designed specifically for use in smartwatches, smart bands, and other wearable devices. Google Wear OS has a security vulnerability that stems from the presence of privilege bypass in multiple locations,...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

CVE-2023-31448

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

CVE-2023-31448

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...

CVE-2023-31449

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...

Command injection

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

Path traversal

A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to...