CVE-2023-31452

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published: Aug 9, 2023
Updated: Aug 22, 2023
CWE ID: 352

Summary

CVE-2023-31452 is a high-severity vulnerability affecting PRTG Network Monitor versions 23.2.84.1566 and earlier. It is a Cross-Site Request Forgery (CSRF) token bypass that lets an attacker execute actions on a victim's behalf, including creating new users. The vulnerability has a CVSS score of 8.8 (high). Successful exploitation requires that the victim have an active session and be induced by the attacker to act, which still leaves this a significant threat to organizations using PRTG.

Affected Products

  • PRTG Network Monitor

Affected Vendors

  • Paessler AG