Librenms

Librenms

104 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-51496

Exploit
  • EPSS 1.14%
  • Veröffentlicht 15.11.2024 16:15:37
  • Zuletzt bearbeitet 21.11.2024 23:33:42

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the "metric" parameter of the "/wireless" and "/health" endpoints allows attackers to inject arbitrary JavaScript. Thi...

5.4

CVE-2024-51497

Exploit
  • EPSS 0.9%
  • Veröffentlicht 15.11.2024 16:15:37
  • Zuletzt bearbeitet 20.11.2024 14:41:19

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Custom OID" tab of a device allows authenticated users to inject arbitrary JavaScript through the "unit" parameter w...

4.8

CVE-2024-50355

Exploit
  • EPSS 0.09%
  • Veröffentlicht 15.11.2024 16:15:36
  • Zuletzt bearbeitet 20.11.2024 14:39:36

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside...

5.4

CVE-2024-49759

Exploit
  • EPSS 0.55%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:40:17

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "bill_name" parameter...

5.4

CVE-2024-49764

Exploit
  • EPSS 0.9%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:40:02

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Capture Debug Information" page allows authenticated users to inject arbitrary JavaScript through the "hostname" par...

5.4

CVE-2024-50350

Exploit
  • EPSS 0.94%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:39:51

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when crea...

5.4

CVE-2024-50351

Exploit
  • EPSS 1.07%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 21.11.2024 23:37:56

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the "section" parameter of the "logs" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerabil...

5.4

CVE-2024-50352

Exploit
  • EPSS 11.79%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:37:42

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Services" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the ...

5.4

CVE-2024-49754

Exploit
  • EPSS 14.3%
  • Veröffentlicht 15.11.2024 16:15:34
  • Zuletzt bearbeitet 20.11.2024 15:02:42

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the API-Access page allows authenticated users to inject arbitrary JavaScript through the "token" parameter when creating...

4.8

CVE-2024-49758

Exploit
  • EPSS 0.07%
  • Veröffentlicht 15.11.2024 16:15:34
  • Zuletzt bearbeitet 20.11.2024 14:40:36

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the dev...