漏洞标题
N/A
漏洞描述信息
在LibreNMS 1.50.1中发现了一个问题。处理绘图选项的脚本(包括include/html/graphs/common.inc.php和include/html/graphs/graphs.inc.php)未适当地验证或编码用户提供的多个字段。一些参数使用 mysqli_real_escape_string过滤,该功能仅用于防止SQL注入攻击;其他参数未过滤。这允许攻击者通过html/graph.php和html/graph-realtime.php脚本注入RRDtool语法带有换行符。RRDtool语法相当灵活,攻击者可以利用此进行多种攻击,包括泄露目录结构和文件名,泄露文件内容,拒绝服务或写入任意文件。注意:与CVE-2019-10665相比,此要求身份验证,路径名有所不同。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered in LibreNMS 1.50.1. The scripts that handle graphing options (includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_escape_string, which is only useful for preventing SQL injection attacks; other parameters are unfiltered. This allows an attacker to inject RRDtool syntax with newline characters via the html/graph.php and html/graph-realtime.php scripts. RRDtool syntax is quite versatile and an attacker could leverage this to perform a number of attacks, including disclosing directory structure and filenames, disclosing file content, denial of service, or writing arbitrary files. NOTE: relative to CVE-2019-10665, this requires authentication and the pathnames differ.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
LibreNMS 代码注入漏洞
漏洞描述信息
LibreNMS是一套基于PHP和MySQL的开源网络监控系统。该系统具有自定义警报、自动发现网络环境和自动更新等特点。 LibreNMS 1.50.1版本中存在代码注入漏洞。该漏洞源于外部输入数据构造代码段的过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞生成非法的代码段,修改网络系统或组件的预期的执行控制流。
CVSS信息
N/A
漏洞类别
注入