Vulnerabilities > Librenms > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-46745 Improper Restriction of Excessive Authentication Attempts vulnerability in Librenms
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems.
network
low complexity
librenms CWE-307
7.5
7.5
2022-11-20 CVE-2022-3525 Deserialization of Untrusted Data vulnerability in Librenms
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
network
low complexity
librenms CWE-502
8.8
8.8
2022-06-02 CVE-2022-29712 Command Injection vulnerability in Librenms 22.3.0
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.
network
low complexity
librenms CWE-77
7.5
7.5
2022-02-14 CVE-2022-0580 Incorrect Authorization vulnerability in Librenms
Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0.
network
low complexity
librenms CWE-863
8.8
8.8
2021-12-03 CVE-2021-44278 Path Traversal vulnerability in Librenms 21.11.0
Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.
network
low complexity
librenms CWE-22
7.5
7.5
2019-09-09 CVE-2019-10665 Injection vulnerability in Librenms
An issue was discovered in LibreNMS through 1.47.
network
low complexity
librenms CWE-74
7.5
7.5