What is the status of CVE-2023-22631 and CVE-2023-22632? Do I need to do anything?
Is PRTG affected by CVE-2023-22631 or CVE-2023-22632?
Modified on 2025-06-10 16:37:03 +0200
Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
This article applies as of PRTG 23.1.82
Summary
As of PRTG 23.1.82, the vulnerability affecting the FTP Server Count and HTTP XML/REST Value sensors is fixed.
For more information on the vulnerability found, see CVE-2023-22631 and CVE-2023-22632.
Details
As part of the PRTG security checks, an authorized and authenticated tester reported a vulnerability in certain EXE sensors that allowed users to write an arbitrary file on the probe system. The vulnerabilities were addressed in PRTG 23.1.82.
We recommend that you always update to the latest version of PRTG via the Auto-Update feature to maintain the highest level of security.
May, 2023