Second-Order SQL Injection in LibreNMS Top Devices Dashboard Widget
CVE-2020-35700

8.8HIGH

Key Information:

Vendor

Librenms

Status
Librenms
Vendor
CVE Published:
8 February 2021

What is CVE-2020-35700?

A second-order SQL injection vulnerability exists in the Top Devices dashboard widget of LibreNMS prior to version 21.1.0. This flaw allows remote authenticated attackers to exploit the 'sort_order' parameter by sending crafted input to the /ajax/form/widget-settings endpoint. Successful exploitation can lead to the execution of arbitrary SQL commands, potentially compromising the integrity and security of the database.

References

https://github.com/librenms/librenms/blob/master/app/Http...
x_refsource_MISC
https://github.com/librenms/librenms/issues/12405
x_refsource_MISC
https://www.horizon3.ai/disclosures/librenms-second-order...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.