Critical RCE Vulnerability Found in LibreNMS
/ 1 min read
🛠️ Critical RCE Vulnerability Discovered in LibreNMS (CVE-2024-51092). A newly identified vulnerability in LibreNMS allows authenticated attackers to execute arbitrary OS commands via the web portal by manipulating directory names and configuration parameters. This flaw, affecting versions 24.9.0 to 24.9.1, can lead to remote code execution, posing significant security risks for users. The vulnerability has been documented in a Metasploit module, which provides a proof of concept for exploitation. Users are urged to update their installations to mitigate potential threats. For further details, refer to the advisory linked in the original report.
Source

Original