First published: Mon Sep 09 2019
An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user-supplied input without sanitizing the values by calling basename() or a similar function. An attacker can leverage this to execute PHP code from the included file. Exploitation of these scripts is made difficult by additional text being appended (typically .inc.php), which means an attacker would need to be able to control both a filename and its content on the server. However, exploitation can be achieved as demonstrated by the csv.php?report=../ substring.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Librenms Librenms | <=1.47 | |
CVE-2019-10666 is a vulnerability in LibreNMS through version 1.47 that allows an attacker to execute PHP code from included files.
CVE-2019-10666 has a severity rating of 8.1, which is considered high.
The affected software is LibreNMS through version 1.47.
An attacker can exploit CVE-2019-10666 by leveraging dynamic script inclusion in several scripts of LibreNMS, allowing them to execute PHP code from included files.
Yes, updating to a version of LibreNMS beyond 1.47 will fix the vulnerability.
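The description above attributes the flaw to passing user-supplied input to include() without basename() or a similar check. As an added example (not LibreNMS code; the directory layout, the function name `resolve_report` and the sample report name are assumptions), this PHP sketch shows the described pattern as a comment and a hardened resolver beside it:

```php
<?php
// Added example: hypothetical layout and names, not taken from LibreNMS.

// Pattern described in the advisory (kept as a comment, not executed):
//   include 'includes/reports/' . $_GET['report'] . '.inc.php';
// A value containing "../" makes the resulting path leave includes/reports/.

/**
 * Resolve a report name to a file inside $baseDir, or return null.
 */
function resolve_report(string $baseDir, string $name): ?string
{
    // 1. Strict allow-list on the name: no slashes, dots or NUL bytes.
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/i', $name)) {
        return null;
    }
    // 2. basename() as defence in depth, the function the advisory names.
    $candidate = $baseDir . DIRECTORY_SEPARATOR . basename($name) . '.inc.php';

    // 3. Canonicalise and confirm the file is still inside the base directory
    //    (this also catches symlinks that point elsewhere).
    $realBase = realpath($baseDir);
    $realFile = realpath($candidate);
    if ($realBase === false || $realFile === false) {
        return null; // base directory or report file does not exist
    }
    $prefix = $realBase . DIRECTORY_SEPARATOR;
    if (strncmp($realFile, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $realFile;
}

// Constructed demo: a temporary directory holding one report file.
$base = sys_get_temp_dir() . '/reports_demo_' . getmypid();
@mkdir($base);
file_put_contents($base . '/alerts.inc.php', "<?php return 'alerts report';\n");

// Constructed inputs: one valid name, traversal attempts, a missing file, a NUL byte.
foreach (['alerts', '../alerts', 'alerts/../../x', 'missing', "alerts\0"] as $input) {
    $path = resolve_report($base, $input);
    $result = $path === null ? 'rejected' : 'include ' . basename($path);
    printf("%-20s => %s\n", json_encode($input), $result);
}

unlink($base . '/alerts.inc.php');
rmdir($base);
```

Only the resolved path returned by the function should ever reach include(); a null result should end the request with an error rather than fall back to a default file.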