What is the status of CVE-2023-31448, CVE-2023-31449, CVE-2023-31450, CVE-2023-31452, CVE-2023-32781, and CVE-2023-32782? Do I need to do anything?
How has security improved in PRTG 23.2.86?
Modified on 2025-06-10 16:35:43 +0200
Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.
Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
This applies as of PRTG 23.2.86
Summary
As of PRTG 23.2.86, multiple vulnerabilities were addressed. We fixed a path traversal vulnerability that affected the WMI Custom, MySQLv2, and the HL7 sensors. We also fixed a vulnerability that made it possible to bypass the CSRF protection by executing certain HTTP calls. Finally, we fixed a vulnerability present in DICOM sensors and the HL7 sensor that potentially allowed a PRTG user with write permissions to use a debug parameter to create an executable file on the local system.
Details
CVE-2023-31448, CVE-2023-31449, and CVE-2023-31450
A penetration tester brought several possible vulnerabilities to our attention. We fixed a path traversal vulnerability: an authenticated user could create WMI Custom, MySQLv2, and HL7 sensors that pointed to unintended WMI, SQL, or HL7 file paths on the host system and thereby possibly execute arbitrary actions.
For more information on the vulnerabilities, see CVE-2023-31448, CVE-2023-31449, and CVE-2023-31450.
CVE-2023-31452
We fixed a vulnerability where it was possible to bypass the CSRF protection by issuing GET requests to several endpoints.
For more information on the vulnerability, see CVE-2023-31452.
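The underlying defect here, state-changing actions reachable through GET, is a classic CSRF weakness: a GET can be triggered from any site by an image tag or a link and is sent with the victim's session cookie. The following is an added example, not Paessler's code or PRTG's real API; the endpoint paths, the Request class, and the in-memory session store are constructed for illustration. It shows the two checks a hardened dispatcher applies to every state-changing endpoint: refuse safe methods outright, then require a per-session token compared in constant time.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Request:
    """Constructed stand-in for an incoming HTTP request."""
    method: str
    path: str
    params: dict = field(default_factory=dict)   # query string or form body
    headers: dict = field(default_factory=dict)
    session_id: str = ""                         # taken from the session cookie


# Constructed in-memory session store: session id -> CSRF token bound to it.
SESSIONS = {}

# Hypothetical endpoint names that modify state; not PRTG's actual API paths.
STATE_CHANGING = {"/api/deleteobject", "/api/setobjectproperty"}
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def new_session():
    """Create a session and bind a fresh, unguessable CSRF token to it."""
    sid = secrets.token_urlsafe(16)
    token = secrets.token_urlsafe(32)
    SESSIONS[sid] = token
    return sid, token


def handle(req):
    """Return the HTTP status a hardened dispatcher would answer with.

    Read-only endpoints pass through. A state-changing endpoint must
    (1) never be reachable through a safe method, since a cross-site GET
    carries the victim's cookies, (2) belong to a live session, and
    (3) present the token bound to that session, compared in constant time.
    """
    if req.path not in STATE_CHANGING:
        return 200
    if req.method.upper() in SAFE_METHODS:
        return 405  # Method Not Allowed: rejected before any state is touched
    expected = SESSIONS.get(req.session_id)
    if expected is None:
        return 401
    supplied = req.headers.get("X-CSRF-Token") or req.params.get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403
    return 200
```

Note that the method check comes first: even a request that happens to carry a valid token is refused over GET, so a link or image embedded on a third-party page can never perform the action. Step (3) accepts the token either as a header or as a form field, which is the usual pattern for JavaScript clients and plain HTML forms respectively.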
CVE-2023-32781 and CVE-2023-32782
We fixed a vulnerability where a PRTG user with write permissions could use a debug parameter during the creation of DICOM sensors and the HL7 sensor to make those sensors create possibly executable files on the host system.
For more information on the vulnerabilities, see CVE-2023-32781 and CVE-2023-32782.
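Both the path traversal in the WMI Custom, MySQLv2, and HL7 sensors and the debug parameter in the DICOM and HL7 sensors come down to the same missing control: a sensor parameter that names a file on the host was accepted without checking where that file lives or what kind of file it is. The following is an added example, not Paessler's code; the allowed directory, the suffix allowlist, and the function names are hypothetical. It validates a user-supplied file name by resolving it and testing containment on path components rather than string prefixes, and it refuses file types a sensor has no business reading or writing, which covers the executable-file case as well.

```python
from pathlib import Path

# Constructed example root: the only directory from which sensor script or
# query files may be loaded or written. Hypothetical location, not PRTG's.
ALLOWED_ROOT = Path("/opt/monitoring/sensor-scripts")

# Constructed allowlist of file types a sensor may reference. Anything else,
# executables in particular, is refused even when it sits inside ALLOWED_ROOT.
ALLOWED_SUFFIXES = {".sql", ".hl7", ".txt", ".wql"}


def resolve_sensor_file(user_supplied, root=ALLOWED_ROOT, suffixes=ALLOWED_SUFFIXES):
    """Map a user-supplied file name to an absolute path inside ``root``.

    Raises ValueError when the name escapes ``root`` (via '..', an absolute
    path, or a sibling directory that merely shares the prefix) or when the
    suffix is not allowlisted. Containment is tested on path components.
    """
    if "\x00" in user_supplied:
        raise ValueError("NUL byte in file name")
    # PRTG runs on Windows; normalise backslashes before resolving so that
    # '..\\..\\' is not treated as a literal file name on a POSIX host.
    candidate = user_supplied.replace("\\", "/")
    root_resolved = root.resolve(strict=False)
    # If ``candidate`` is absolute, joining discards ``root`` entirely; the
    # containment check below then rejects the result.
    resolved = (root_resolved / candidate).resolve(strict=False)
    try:
        resolved.relative_to(root_resolved)
    except ValueError:
        raise ValueError(f"path escapes allowed directory: {user_supplied!r}") from None
    if resolved.suffix.lower() not in suffixes:
        raise ValueError(f"file type not allowed: {resolved.suffix!r}")
    return resolved


def is_safe_sensor_file(user_supplied):
    """Boolean wrapper for validation at sensor-creation time."""
    try:
        resolve_sensor_file(user_supplied)
        return True
    except ValueError:
        return False
```

The check deliberately resolves the root as well as the candidate, so symlinks on either side are compared after resolution, and it rejects a sibling directory such as the root name with a suffix appended, which a naive `startswith` test would let through. For a parameter that names an output file, the same function applies; the suffix allowlist is what stops a debug or log path from ending in an executable extension.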
Steps to take
We recommend that you always update to the latest version of PRTG via the Auto-Update feature to maintain the highest level of security.
Jun, 2023