13 matches found
GHSA-QP2J-V5JG-HG68 LibreNMS contains an authenticated SQL Injection vulnerability
LibreNMS 1.46 contains an authenticated SQL Injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL Injection techniques to retrieve...
SQL Injection
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to SQL Injection via the sort parameter in the MAC accounting graph endpoint. An attacker can extract sensitive database...
LibreNMS contains an authenticated SQL Injection vulnerability
LibreNMS 1.46 contains an authenticated SQL Injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL Injection techniques to retrieve...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
EUVD-2020-30862
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection in the MAC accounting graph endpoint. An attacker with valid credentials can modify the sort parameter to perform SQL queries that extract sensitive database contents via time-based blind SQL injection. The exploitation targets the MAC account...
CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
PT-2026-4926
Name of the Vulnerable Software and Affected Versions LibreNMS version 1.46 Description LibreNMS version 1.46 contains an authenticated SQL injection issue in the MAC accounting graph endpoint. This allows remote attackers to extract database information by manipulating the sort parameter with...
LibreNMS security vulnerabilities
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Version 1.46 of LibreNMS contains a security vulnerability, which stems from improper...
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...