CVE-2026-30480

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

EUVD-2026-22251

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

CVE-2026-30480

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

Directory Traversal

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Directory Traversal via the nfsen parameter in the nfsen.inc.php file. An attacker can execute arbitrary PHP code by...

CVE-2026-30480

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

CVE-2026-30480

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

CVE-2026-30480

CVE-2026-30480 – LibreNMS NFSen LFI via nfsen parameter involves an authenticated Local File Inclusion in the NFSen module (includes/html/pages/device/nfsen/nfsen.inc.php). The root cause is unsafely concatenating user input (vars['nfsen']) into a file path without proper sanitization; an attacke...

LibreNMS 安全漏洞

LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Version LibreNMS 22.11.0-23-gd091788f2 contains security vulnerabilities. These...

PT-2026-32629

Name of the Vulnerable Software and Affected Versions LibreNMS version 22.11.0-23-gd091788f2 Description A Local File Inclusion LFI issue exists in the NFSen module nfsen.inc.php. This occurs due to improper restriction of the directory path name when processing the nfsen parameter. An...

CVE-2026-30480

A Local File Inclusion LFI vulnerability in the NFSen module nfsen.inc.php of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter...

Exploit for CVE-2026-30480

CVE-2026-30480: LibreNMS Local File Inclusion LFI via Path T...

EUVD-2017-16008

Malware in sbrugna...

NfSen Command Injection Vulnerability

NfSen is a Web-based front-end for nfdump an open source netflow collection, storage, filtering, and statistical analysis tool. A security vulnerability exists in versions of NfSen prior to 1.3.8. A remote attacker can exploit the vulnerability to execute arbitrary operating system commands...

NfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection

Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/...

NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection

Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/...

CVE-2017-7175

NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter aka the "Custom output format" field...

Format string

NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter aka the "Custom output format" field...

CVE-2017-7175

CVE-2017-7175 affects NfSen versions before 1.3.8. A remote attacker can execute arbitrary OS commands via shell metacharacters in the customfmt parameter (the Custom output format field). Exploit details indicate a remote command-injection affecting NfSen 1.3.6/1.3.7 and related AlienVault OSSIM...

CVE-2017-7175

NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter aka the "Custom output format" field...

NfSen <= 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection Vulnerability

Exploit for linux platform in category remote exploits Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Vendor Homepage:...