2 matches found
CVE-2023-48294
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to graph.php to access graphs generated on t...
CVE-2023-48294
LibreNMS vulnerability CVE-2023-48294 allows a low-privilege user to enumerate devices by id or hostname via an unauthenticated graph.php request when viewing a device dashboard. The root cause is broken/insufficient access control around the graph endpoint, enabling information disclosure of all...