PatchSiren

CVE-2015-7743 Paessler CVE debrief

CVE-2015-7743 is an XML external entity (XXE) issue in Paessler PRTG Network Monitor. Per the CVE description in the supplied corpus, a remote authenticated user could create a new HTTP XML/REST Value sensor that processes a crafted XML file and read arbitrary files. The NVD record maps the weakness to CWE-611 and describes a network-reachable issue that requires low privileges but no user interaction. Paessler’s stable-history reference points to the remediation line around version 16.2.23.3077/3078.

Vendor: Paessler
Product: CVE-2015-7743
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-23
Original CVE updated: 2026-05-13
Advisory published: 2017-01-23
Advisory updated: 2026-05-13

Who should care

Administrators and security teams running Paessler PRTG Network Monitor, especially where authenticated users can create or manage sensors. Environments that expose PRTG to broader internal user populations should prioritize review.

Technical summary

The supplied NVD record classifies this as CWE-611 (XXE) with CVSS 3.0 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. The described attack path is remote and authenticated: an attacker creates an HTTP XML/REST Value sensor that references a crafted XML file, enabling arbitrary file reads through entity expansion. The corpus contains a version-scope discrepancy: the CVE description references a fix before 16.2.23.3077/3078, while the NVD CPE criteria in the supplied record mark versions through 14.4.12.3282 as vulnerable. Use the vendor history reference to validate the upgrade target for your installed branch.

Defensive priority

Medium-high. The issue is remotely reachable and can expose sensitive file contents, but it requires authentication and the provided CVSS vector does not indicate integrity or availability impact.

Recommended defensive actions

  • Upgrade PRTG Network Monitor to a fixed release identified by Paessler’s stable history reference around 16.2.23.3077/3078.
  • Restrict sensor creation and XML/REST-related configuration permissions to trusted administrators only.
  • Review existing HTTP XML/REST Value sensors for unexpected or untrusted XML sources.
  • Inventory deployed PRTG versions and compare them against the affected-version information in both the CVE description and Paessler’s history page.
  • Monitor for unusual file-access patterns or configuration changes by authenticated PRTG users.
  • If custom XML integrations are used, confirm external entity processing is disabled or otherwise safely handled where applicable.
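
As an added example for the last item above (not Paessler's code and not part of the original debrief): a pre-parse gate, built only on Python's standard-library expat bindings, that classifies an XML document by whether it declares a DTD or entities and accepts only documents that declare neither. The function names and the sample documents are constructed for illustration.

```python
import xml.parsers.expat as expat

# Constructed sample documents (not taken from PRTG or the CVE record).
CLEAN = b"<status><latency>12</latency></status>"
DOCTYPE_ONLY = b"<!DOCTYPE status><status/>"
INTERNAL = b'<!DOCTYPE status [<!ENTITY unit "ms">]><status>12&unit;</status>'
EXTERNAL = (b'<!DOCTYPE status [<!ENTITY x SYSTEM "file:///constructed/placeholder">]>'
            b"<status>&x;</status>")
MALFORMED = b"<status><latency>12</status>"


class _EntityFound(Exception):
    """Internal signal used to stop parsing at the first entity declaration."""


def classify_xml(data: bytes) -> str:
    """Return 'clean', 'doctype', 'internal-entity', 'external-entity' or
    'malformed'. No handler for external references is installed, so nothing
    is ever fetched while classifying."""
    seen_doctype = False
    parser = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        nonlocal seen_doctype
        seen_doctype = True

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        # External entities carry a SYSTEM/PUBLIC identifier instead of a value.
        kind = "external-entity" if (system_id or public_id) else "internal-entity"
        raise _EntityFound(kind)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    try:
        parser.Parse(data, True)
    except _EntityFound as found:
        return str(found)
    except expat.ExpatError:
        return "malformed"
    return "doctype" if seen_doctype else "clean"


def accept_for_sensor(data: bytes) -> bool:
    """Fail closed: only well-formed XML with no DTD at all is passed on."""
    return classify_xml(data) == "clean"
```

Run against the XML a custom integration is about to consume, accept_for_sensor() gives a single allow/deny decision, while classify_xml() gives the reason to log when a source is rejected.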

Evidence notes

The supplied CVE description states that remote authenticated users can read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file. The NVD record supplied with the corpus assigns CWE-611 and CVSS 3.0 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, and the reference list includes Paessler’s stable history page around 16.2.23.3077/3078 as the vendor remediation marker. The same NVD record’s CPE criteria also list versions through 14.4.12.3282 as vulnerable, so the exact affected range should be validated against the vendor reference.

Official resources

Publicly disclosed in the CVE record on 2017-01-23; the 2026-05-13 modified timestamp reflects later record maintenance, not the original issue date.