High severity7.5NVD Advisory· Published Apr 26, 2023· Updated Jun 17, 2026
CVE-2023-26735
CVE-2023-26735
Description
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/prometheus/blackbox_exporterGo | <= 0.23.0 | — |
Affected products
2- blackbox_exporter/blackbox_exporterdescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-939c-3g97-vpvvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-26735ghsaADVISORY
- blackboxexporter.comnvdBroken LinkWEB
- prometheus.comnvdBroken LinkWEB
- github.com/prometheus/blackbox_exporter/issues/1024nvdIssue TrackingWEB
- github.com/prometheus/blackbox_exporter/issues/1025nvdIssue TrackingWEB
- github.com/prometheus/blackbox_exporter/issues/1026nvdIssue TrackingWEB
News mentions
0No linked articles in our index yet.