huntr report 2494106C-7703-4558-BB1F-1EAE59D264E3

Improper Access Control in librenms/librenms

Published: 2022-02-12 22:13:16 | Reporter: faisalfs10x | Source: www.huntr.dev

EPSS: 0.004 (Low), percentile 72.4%

Description

An Improper Access Control vulnerability in LibreNMS v22.1.0 allows an authenticated user with the normal role/level to use the port-groups functionality: creating port groups and editing/modifying or deleting existing ones. The port-groups endpoints do not enforce an authorization policy, so normal users can act outside their intended permissions on functionality that is supposed to be accessible to the Administrator only.

Proof of Concept

Affected endpoints:

1 GET http://{HOST}/port-groups - [view all port groups]
2 POST http://{HOST}/port-groups - [create]
3 POST http://{HOST}/port-groups/{port_id} - [edit]
4 DELETE http://{HOST}/port-groups/{port_id} - [delete]

Steps to reproduce:

1 Log in as a normal user.
2 Browse to http://{HOST}/port-groups.
3 The port-group functionality is fully available: the normal user can create port groups and edit/modify or delete existing ones.
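For an operator who wants to know whether normal-role accounts have exercised these endpoints, the following added detection example (not part of the huntr report or of LibreNMS) matches access-log requests against the four affected routes and flags those from non-admin users that the server did not deny. The log lines in `SAMPLE_LOG`, the `USER_LEVEL` map and the combined-log layout with the authenticated username in the third field are constructed assumptions.

```python
import re

# Affected LibreNMS routes from the report: (HTTP method, path pattern, action).
AFFECTED_ROUTES = [
    ("GET", re.compile(r"^/port-groups/?$"), "view"),
    ("POST", re.compile(r"^/port-groups/?$"), "create"),
    ("POST", re.compile(r"^/port-groups/\d+/?$"), "edit"),
    ("DELETE", re.compile(r"^/port-groups/\d+/?$"), "delete"),
]

# Constructed sample access log (combined-log style, authenticated user in field 3).
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Feb/2022:22:10:01 +0000] "POST /port-groups HTTP/1.1" 302 -
10.0.0.6 - bob [12/Feb/2022:22:11:09 +0000] "GET /port-groups HTTP/1.1" 200 5123
10.0.0.5 - alice [12/Feb/2022:22:12:44 +0000] "DELETE /port-groups/7 HTTP/1.1" 302 -
10.0.0.7 - admin [12/Feb/2022:22:13:16 +0000] "POST /port-groups/3 HTTP/1.1" 302 -
10.0.0.5 - alice [12/Feb/2022:22:14:00 +0000] "GET /devices?page=2 HTTP/1.1" 200 900
"""

# Constructed user -> level map; a real check would read the LibreNMS users table.
USER_LEVEL = {"alice": "normal", "bob": "normal", "admin": "admin"}

LOG_RE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def classify(method, path):
    """Return the port-groups action for a request, or None if not an affected route."""
    path = path.split("?", 1)[0]  # ignore query strings
    for route_method, pattern, action in AFFECTED_ROUTES:
        if method == route_method and pattern.match(path):
            return action
    return None

def find_unauthorized(log_text, user_level):
    """Flag affected-route requests by non-admin users that the server did not deny."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        _ip, user, method, path, status = m.groups()
        action = classify(method, path)
        # 401/403 means the authorization check held (as in a fixed version).
        if action is None or user_level.get(user) == "admin" or status in ("401", "403"):
            continue
        findings.append({"user": user, "action": action, "method": method,
                         "path": path, "status": status})
    return findings
```

Run against a patched instance, the same normal-user requests should show up with 403 and produce no findings, which makes the script a quick post-upgrade check as well as a retrospective one.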

Impact

This vulnerability is capable of leading to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user’s limits.
