CVE-2019-10666
First published: Mon Sep 09 2019(Updated: )
An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling basename() or a similar function. An attacker can leverage this to execute PHP code from the included file. Exploitation of these scripts is made difficult by additional text being appended (typically .inc.php), which means an attacker would need to be able to control both a filename and its content on the server. However, exploitation can be achieved as demonstrated by the csv.php?report=../ substring.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Librenms Librenms | <=1.47 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-10666?
CVE-2019-10666 is a vulnerability in LibreNMS through version 1.47 that allows an attacker to execute PHP code from included files.
How severe is CVE-2019-10666?
CVE-2019-10666 has a severity rating of 8.1, which is considered high.
What is the affected software for CVE-2019-10666?
The affected software is LibreNMS version 1.47.
How can an attacker exploit CVE-2019-10666?
An attacker can exploit CVE-2019-10666 by leveraging dynamic script inclusion in several scripts of LibreNMS, allowing them to execute PHP code from included files.
Is there a fix for CVE-2019-10666?
Yes, updating to a version of LibreNMS beyond 1.47 will fix the vulnerability.
- collector/nvd-index
- vendor/librenms
- canonical/librenms librenms
- version/librenms librenms/1.47