CVE-2018-20434

Published: 24/04/2019 Updated: 04/06/2019
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

LibreNMS 1.46 allows remote malicious users to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.

Vulnerable Product

librenms librenms 1.46

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking
  include Exploit::Remote::HttpClient
  def initialize(info = {})
    super(update_info(info, 'Name' => 'LibreNMS a ...

#!/usr/bin/python
'''
# Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution
# Date: 24/12/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-20434
# Vendor Homepage: www.librenms.org/
# Version: v1.46
# Tested on: Ubuntu 18.04 / PHP 7.2.10
'''
import requests
from urllib import urlencode
import sys
if len(sys.a ...

LibreNMS version 1.46 addhost remote code execution exploit ...

This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can r ...

Github Repositories

Security tool that can list all security vulnerabilities or search for a specific bug; it can also search for tools and scripts. It can query many exploit websites, such as db-exploit.com, packetstormsecurity.com and securityfocus.com.

exploitBox Description Security tool that can get all security vulnerability,search for a specific bug and tools/scripts you can use many websites like (db-exploit.com, packetstormsecurity.com, securityfocus.com) Info Email Author Tool Name Tool Version ayadimohamed@outlook.com Ayadi mohamed exploitBox 10 Tool purposes : [1, Search for an exploit using a choosi

INT-18 Several tasks were solved in this intensive course. Task No. 1: a. A link to the commit that fixes the vulnerability; b. A list of the significant lines of code related to the vulnerability; c. A regular expression that makes it possible to maximal