Search the Community
Showing results for tags 'addhost'.
-
Exploits LibreNMS 1.46 addhost Remote Code Execution
1337day-Exploits posted a topic in Updated Exploits
LibreNMS version 1.46 addhost remote code execution exploit. View the full article -
This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can result in execution of arbitrary code. This module requires authentication to LibreNMS first. View the full article