Описание
Path Traversal in LibreNMS
An issue was discovered in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local file inclusion resulting in code execution.
Пакеты
Наименование
librenms/librenms
composer
Затронутые версииВерсия исправления
< 1.53
1.53
Связанные уязвимости
CVSS3: 7.5
nvd
больше 6 лет назад
An issue was discovered in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local file inclusion resulting in code execution.