CRITICAL🇵🇱 Wersja polska

CVE-2019-10665

CVSS 9.8v3.1pub. 2019-09-09upd. 2024-11-21

An issue was discovered in LibreNMS through 1.47. The scripts that handle the graphing options (html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_escape_string, which is only useful for preventing SQL injection attacks; other parameters are unfiltered. This allows an attacker to inject RRDtool syntax with newline characters via the html/graph.php script. RRDtool syntax is quite versatile and an attacker could leverage this to perform a number of attacks, including disclosing directory structure and filenames, file content, denial of service, or writing arbitrary files.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Librenms

    APP
    Librenms
    ≤ 1.47
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLiDoS
CWE
References

Related vulnerabilities

CVE-2024-51092CRITICAL9.1PL ✓ten sam produkt

LibreNMS — zdalne wykonanie kodu przez OS command injection (RCE)

CVE-2026-26988CRITICAL9.3PL ✓ten sam produkt

SQL Injection w LibreNMS — endpoint ajax_table.php (wyszukiwanie IPv6)

CVE-2022-4070CRITICAL9.8ten sam produkt

Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.

CVE-2022-29712CRITICAL9.8ten sam produkt

LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, host...

CVE-2021-44278CRITICAL9.8ten sam produkt

Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc...