PT-2017-7266 · Paessler · PRTG Network Monitor

Published: 2017-01-23 · Updated: 2017-01-25 · CVE-2015-7743

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

PRTG Network Monitor versions prior to 16.2.23.3077/3078

Description

The issue allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file. This is related to an XML external entity vulnerability.

Recommendations

For versions prior to 16.2.23.3077/3078, update to version 16.2.23.3077/3078 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTP XML/REST Value sensor to minimize the risk of exploitation.

Exploit

Fix

XXE

Weakness Enumeration

Related identifiers

CVE-2015-7743

Affected products

PRTG Network Monitor