Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
librenms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-48294
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to `graph.php` to access gr...
Librenms Librenms
5.4
CVSSv3
CVE-2023-48295
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been a...
Librenms Librenms
8.8
CVSSv3
CVE-2020-15877
An issue exists in LibreNMS prior to 1.65.1. It has insufficient access control for normal users because of "'guard' => 'admin'" instead of "'middleware' => ['can:admin']" in routes/web.php.
Librenms Librenms
6.1
CVSSv3
CVE-2018-18478
Persistent Cross-Site Scripting (XSS) issues in LibreNMS prior to 1.44 allow remote malicious users to inject arbitrary web script or HTML via the dashboard_name parameter in the /ajax_form.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/de...
Librenms Librenms
6.5
CVSSv3
CVE-2023-5591
SQL Injection in GitHub repository librenms/librenms before 23.10.0.
Librenms Librenms
6.1
CVSSv3
CVE-2022-29711
LibreNMS v22.3.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
Librenms Librenms 22.3.0
9.8
CVSSv3
CVE-2022-29712
LibreNMS v22.3.0 exists to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.
Librenms Librenms 22.3.0
7.5
CVSSv3
CVE-2019-12464
An issue exists in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local file inclusion resulting in code execution.
Librenms Librenms 1.50.1
6.1
CVSSv3
CVE-2021-44277
Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/alert-log.inc.php.
Librenms Librenms 21.11.0
9.8
CVSSv3
CVE-2021-44278
Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.
Librenms Librenms 21.11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »