Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

librenms — Vulnerabilities & Security Advisories 50

All 50 CVE vulnerabilities found in librenms, with AI-generated Chinese analysis, references, and POCs.

Vendor: librenms

CVE IDTitleCVSSSeverityPublished
CVE-2024-50355 LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints CWE-79 4.8 Medium2024-11-15
CVE-2024-50352 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php CWE-79 4.8 Medium2024-11-15
CVE-2024-50351 LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php CWE-79 4.8 Medium2024-11-15
CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php CWE-79 4.8 Medium2024-11-15
CVE-2024-49764 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php CWE-79 4.8 Medium2024-11-15
CVE-2024-49759 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php CWE-79 4.8 Medium2024-11-15
CVE-2024-49758 LibreNMS has a stored XSS in ExamplePlugin with Device's Notes CWE-79 4.8 Medium2024-11-15
CVE-2024-49754 LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php CWE-79 7.5 High2024-11-15
CVE-2024-47523 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature CWE-79 7.5 High2024-10-01
CVE-2024-47524 LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name CWE-79 7.2 High2024-10-01
CVE-2024-47525 Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-alert-rules.php CWE-79 7.5 High2024-10-01
CVE-2024-47526 LibreNMS has a Self-XSS ('Cross-site Scripting') in librenms/includes/html/modal/alert_template.inc.php CWE-79 3.5 Low2024-10-01
CVE-2024-47527 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device-dependencies.inc.php CWE-79 7.5 High2024-10-01
CVE-2024-47528 LibreNMS Contains a Stored XSS via File Upload CWE-116 4.8 -2024-10-01
CVE-2024-32480 LibreNMS's Time-Based Blind SQL injection leads to database extraction CWE-89 7.2 High2024-04-22
CVE-2024-32479 LibreNMS's Improper Sanitization on Service template name leads to Stored XSS CWE-79 7.1 High2024-04-22
CVE-2024-32461 LibreNMS vulnerable to time-based SQL injection that leads to database extraction CWE-89 7.1 High2024-04-22
CVE-2023-46745 Rate limiting Bypass on login page in libreNMS CWE-307 5.3 Medium2023-11-17
CVE-2023-48294 Broken Access control on Graphs Feature in LibreNMS CWE-200 4.3 Medium2023-11-17
CVE-2023-48295 Cross-site Scripting at Device groups Deletion feature in LibreNMS CWE-79 6.3 Medium2023-11-17

All 50 known CVE vulnerabilities affecting librenms with full Chinese analysis, references, and POCs where available.