Cyber Resilience

CVE-2023-32781

High · Public PoC · RCE

Published: 09 August 2023

Modified: 21 November 2024
CVSS Score v3.1: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.4722 (97.8th percentile)
Risk Priority: 43 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-32781 is a high-severity Command Injection (CWE-77) vulnerability in Paessler PRTG Network Monitor. Its CVSS base score is 7.2 (High).

Operationally, it ranks in the top 2.2% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

A command injection vulnerability exists in Paessler PRTG Network Monitor versions 23.2.84.1566 and earlier, specifically within the HL7 sensor. An authenticated user with write permissions can abuse the sensor's debug option to create arbitrary files on the system that may subsequently be executed through the EXE/Script sensor, corresponding to CWE-77 and carrying a CVSS 3.1 score of 7.2.

An attacker who already possesses valid credentials with sufficient write access can leverage this flaw to achieve remote code execution on the PRTG server. The attack requires network reachability to the monitoring instance but does not need user interaction or special privileges beyond those write permissions.

Paessler has addressed the issue, along with other vulnerabilities, in PRTG version 23.3.86.1520, as documented in the vendor's knowledge-base article. Public proof-of-concept code demonstrating authenticated remote code execution has been published on Packet Storm. The associated EPSS score currently stands at 0.4722 with a recorded peak of 0.4893.

EU & UK References

Vulnerability details

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerability is high and received a score of 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

paessler · prtg network monitor · ≤ 23.3.86.1520

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References