LibreNMS is a PHP and MySQL based open source network monitoring system from the LibreNMS community. LibreNMS v22.3.0 contains a command injection vulnerability that stems from the failure of the service_ip, hostname and service_param parameters to properly filter the construct command special characters, commands, etc. An attacker could use this vulnerability to cause arbitrary command execution. An attacker could exploit this vulnerability to cause arbitrary command execution.
CPE | Name | Operator | Version |
---|---|---|---|
librenms librenms v | eq | 22.3.0 |