LibreNMS version 1.46 addhost remote code execution exploit.
e097a34b58d0c2df9716a65556604b2510639df3b7a0b98498f57b52615842f2This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can result in execution of arbitrary code. This module requires authentication to LibreNMS first.
8fd9521e1c38f9ad21b8611a1a79a4fa7ccda2ca71da5acfd86ca9767c9411ae
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed