Lucene search
K

8 matches found

OSV
OSV
added 2026/01/27 6:32 p.m.4 views

GHSA-QP2J-V5JG-HG68 LibreNMS contains an authenticated SQL Injection vulnerability

LibreNMS 1.46 contains an authenticated SQL Injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL Injection techniques to retrieve...

7.1CVSS5.8AI score0.00399EPSS
Exploits1References5
Snyk
Snyk
added 2026/01/27 6:32 p.m.4 views

SQL Injection

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to SQL Injection via the sort parameter in the MAC accounting graph endpoint. An attacker can extract sensitive database...

7.1CVSS5.8AI score0.00399EPSS
Exploits1References2
NVD
NVD
added 2026/01/27 4:16 p.m.7 views

CVE-2020-36947

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...

7.1CVSS0.00399EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/27 3:23 p.m.6 views

CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...

7.1CVSS6AI score0.00399EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/27 3:23 p.m.23 views

CVE-2020-36947 LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...

7.1CVSS0.00399EPSS
Exploits1References5
CVE
CVE
added 2026/01/27 3:23 p.m.12 views

CVE-2020-36947

LibreNMS 1.46 contains an authenticated SQL injection in the MAC accounting graph endpoint. An attacker with valid credentials can modify the sort parameter to perform SQL queries that extract sensitive database contents via time-based blind SQL injection. The exploitation targets the MAC account...

7.1CVSS6AI score0.00399EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/01/27 3:23 p.m.8 views

EUVD-2020-30862

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve...

7.1CVSS6AI score0.00399EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-4926

Name of the Vulnerable Software and Affected Versions LibreNMS version 1.46 Description LibreNMS version 1.46 contains an authenticated SQL injection issue in the MAC accounting graph endpoint. This allows remote attackers to extract database information by manipulating the sort parameter with...

7.1CVSS5.7AI score0.00399EPSS
Exploits1References10
Rows per page
Query Builder