CVE-2023-31450 (prtg_network_monitor)

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a SQL Sensor. When creating this sensor, the user can set the SQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system. They will be transmitted over the internet to the attacker's machine.

cve device exploit files input issue message monitor network network monitor paessler parameter path path traversal sensor sql vulnerability x64