CVE-2023-32781

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerability is high and received a score of 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://packetstormsecurity.com/files/176677/PRTG-Authenticated-Remote-Code-Execution.html
https://kb.paessler.com/en/topic/91845-multiple-vulnerabilites-fixed-in-paessler-prtg-network-monitor-23-3-86-1520 Vendor Advisory
https://www.paessler.com/prtg/history/stable Release Notes
Configurations

Configuration 1 (hide)

cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*
History

23 Jan 2024, 17:15

Type Values Removed Values Added
References
  • () http://packetstormsecurity.com/files/176677/PRTG-Authenticated-Remote-Code-Execution.html -

16 Aug 2023, 12:15

Type Values Removed Values Added
Summary An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the HL7 sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution. A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerability is high and received a score of 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

15 Aug 2023, 17:36

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 7.2

11 Aug 2023, 18:17

Type Values Removed Values Added
References (MISC) https://www.paessler.com/prtg/history/stable - (MISC) https://www.paessler.com/prtg/history/stable - Release Notes
References (MISC) https://kb.paessler.com/en/topic/91845-multiple-vulnerabilites-fixed-in-paessler-prtg-network-monitor-23-3-86-1520 - (MISC) https://kb.paessler.com/en/topic/91845-multiple-vulnerabilites-fixed-in-paessler-prtg-network-monitor-23-3-86-1520 - Vendor Advisory
CPE cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*
CWE CWE-77
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
First Time Paessler
Paessler prtg Network Monitor

09 Aug 2023, 12:46

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-09 12:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-32781

Mitre link : CVE-2023-32781

CVE.ORG link : CVE-2023-32781

JSON object : View

Products Affected

paessler

  • prtg_network_monitor
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')