1207 matches found
PT-2026-20981
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to Reflected XSS attacks via email field. This issue has been fixed in version 26.2.0...
LibreNMS 跨站脚本漏洞
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Versions of LibreNMS prior to 25.12.0 contained a cross-site scripting vulnerability. This...
LibreNMS SQL注入漏洞
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Versions of LibreNMS prior to 25.12.0 have a SQL injection vulnerability, which stems from...
LibreNMS 跨站脚本漏洞
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Versions of LibreNMS prior to 26.1.1 contained a cross-site scripting vulnerability. This...
PT-2026-20904
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting XSS vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser...
SQL Injection
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to SQL Injection via the address parameter in the address-search.inc.php process. An authenticated attacker can extract...
GHSA-79Q9-WC6P-CF92 LibreNMS has a Time-Based Blind SQL Injection in address-search.inc.php
Summary A time-based blind SQL injection vulnerability exists in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly into an SQL query without proper parameter binding, allowing an attacker to manipulate query logic...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the alertrulelist.inc.php process. An attacker can execute arbitrary JavaScript code in...
LibreNMS has a Stored XSS in Alert Rule
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS " . e$ruledisplay . " PoC Request PoC: POST /alert-rule HTTP/1.1 Host: 192.168.236.131 User-Agent: Mozilla/5.0 X11; Linux x8664; rv:140.0 Gecko/20100101 Firefox/140.0 Accept: application/json, text/javascript, /; q=0.01...
GHSA-6XMX-XR9P-58P7 LibreNMS has a Stored XSS in Alert Rule
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS " . e$ruledisplay . " PoC Request PoC: POST /alert-rule HTTP/1.1 Host: 192.168.236.131 User-Agent: Mozilla/5.0 X11; Linux x8664; rv:140.0 Gecko/20100101 Firefox/140.0 Accept: application/json, text/javascript, /; q=0.01...
GHSA-H3RV-Q4RQ-PQCV LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream.
Summary SQL Injection in IPv6 Address Search functionality via address parameter A SQL injection vulnerability exists in the ajaxtable.php endpoint. The application fails to properly sanitize or parameterize user input when processing IPv6 address searches. Specifically, the address parameter is...
SQL Injection
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to SQL Injection via the address parameter in the IPv6 address search process. An attacker can execute arbitrary SQL...
GHSA-FQX6-693C-F55G LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags()
Summary The unit parameter in Custom OID functionality lacks striptags sanitization while other fields name, oid, datatype are sanitized. The unsanitized value is stored in the database and rendered without HTML escaping, allowing Stored XSS. Details Vulnerable Input Processing...
LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags()
Summary The unit parameter in Custom OID functionality lacks striptags sanitization while other fields name, oid, datatype are sanitized. The unsanitized value is stored in the database and rendered without HTML escaping, allowing Stored XSS. Details Vulnerable Input Processing...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the name parameter in the HTTP POST request to /port-groups. An attacker with admin...
GHSA-93FX-G747-695X LibreNMS /port-groups name Stored Cross-Site Scripting
Summary /port-groups name Stored Cross-Site Scripting - HTTP POST - Request-URIs: "/port-groups" - Vulnerable parameters: "name" - Attacker must be authenticated with "admin" privileges. - When a user adds a port group, an HTTP POST request is sent to the Request-URI "/port-groups". The name of t...
LibreNMS /port-groups name Stored Cross-Site Scripting
Summary /port-groups name Stored Cross-Site Scripting - HTTP POST - Request-URIs: "/port-groups" - Vulnerable parameters: "name" - Attacker must be authenticated with "admin" privileges. - When a user adds a port group, an HTTP POST request is sent to the Request-URI "/port-groups". The name of t...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the name parameter in the HTTP POST request to /device-groups. An attacker with admin...
LibreNMS /device-groups name Stored Cross-Site Scripting
Summary /device-groups name Stored Cross-Site Scripting - HTTP POST - Request-URIs: "/device-groups" - Vulnerable parameters: "name" - Attacker must be authenticated with "admin" privileges. - When a user adds a device group, an HTTP POST request is sent to the Request-URI "/device-groups". The...
LibreNMS affected by reflected xss via email field
Summary reflected xss via email field Details 1. visit http://127.0.0.1/settings/alerting/email 2. in the email address input but this payload 3. notice the alert PoC - video attached with the report https://github.com/user-attachments/assets/c1b443f5-85c6-4545-b04f-def06d82b42e Impact can lead t...