8 matches found
GHSA-QP2J-V5JG-HG68 LibreNMS contains an authenticated SQL Injection vulnerability
LibreNMS 1.46 contains an authenticated SQL Injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL Injection techniques to retrieve...
SQL Injection
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to SQL Injection via the sort parameter in the MAC accounting graph endpoint. An attacker can extract sensitive database...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
CVE-2020-36947
LibreNMS 1.46 contains an authenticated SQL injection in the MAC accounting graph endpoint. An attacker with valid credentials can modify the sort parameter to perform SQL queries that extract sensitive database contents via time-based blind SQL injection. The exploitation targets the MAC account...
EUVD-2020-30862
LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...
PT-2026-4926
Name of the Vulnerable Software and Affected Versions LibreNMS version 1.46 Description LibreNMS version 1.46 contains an authenticated SQL injection issue in the MAC accounting graph endpoint. This allows remote attackers to extract database information by manipulating the sort parameter with...