Vulnerabilities > CVE-2015-7743 - XXE vulnerability in Paessler Prtg Network Monitor
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/137255/rt-sa-2015-012.txt |
| id | PACKETSTORM:137255 |
| last seen | 2016-12-05 |
| published | 2016-05-31 |
| reporter | redteam-pentesting.de |
| source | https://packetstormsecurity.com/files/137255/Paessler-PRTG-Network-Monitor-14.4.12.3282-XXE-Injection.html |
| title | Paessler PRTG Network Monitor 14.4.12.3282 XXE Injection |