CVE-2018-20434

Опубликовано: 24 апр. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.

Ссылки

http://packetstormsecurity.com/files/153188/LibreNMS-addhost-Command-Injection.html
http://packetstormsecurity.com/files/153448/LibreNMS-1.46-addhost-Remote-Code-Execution.html
https://drive.google.com/file/d/1LcGmOY8x-TG-wnNr-cM_f854kxk0etva/view?usp=sharing
Permissions Required
Third Party Advisory
https://gist.github.com/mhaskar/516df57aafd8c6e3a1d70765075d372d
Exploit
Third Party Advisory
https://shells.systems/librenms-v1-46-remote-code-execution-cve-2018-20434/
Exploit
Technical Description
Third Party Advisory
http://packetstormsecurity.com/files/153188/LibreNMS-addhost-Command-Injection.html
http://packetstormsecurity.com/files/153448/LibreNMS-1.46-addhost-Remote-Code-Execution.html
https://drive.google.com/file/d/1LcGmOY8x-TG-wnNr-cM_f854kxk0etva/view?usp=sharing
Permissions Required
Third Party Advisory
https://gist.github.com/mhaskar/516df57aafd8c6e3a1d70765075d372d
Exploit
Third Party Advisory
https://shells.systems/librenms-v1-46-remote-code-execution-cve-2018-20434/
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:librenms:librenms:1.46:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.66987

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-62q7-qj6g-gvr7