3 matches found
CVE-2025-54138 LibreNMS has Authenticated Local File Inclusion in ajax_form.php that Allows RCE
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. LibreNMS versions 25.6.0 and below contain an architectural vulnerability in the ajaxform.php endpoint that permits Remote File Inclusion base...
CVE-2025-54138
CVE-2025-54138 affects LibreNMS 25.6.0 and earlier. The vulnerability is an architectural Remote File Inclusion in the ajax_form.php endpoint: user-controlled POST input (type) causes inclusion of includes/html/forms/{type}.inc.php, enabling a potential Remote Code Execution if an attacker can st...
CVE-2025-54138 LibreNMS has Authenticated Local File Inclusion in ajax_form.php that Allows RCE
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. LibreNMS versions 25.6.0 and below contain an architectural vulnerability in the ajaxform.php endpoint that permits Remote File Inclusion base...