1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: LibreNMS addhost CVE-2018-20434

Attack: LibreNMS addhost CVE-2018-20434

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to exploit Command Injection vulnerability on the affected machine.

Additional Information

This module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can result in execution of arbitrary code. This module requires authentication to LibreNMS first.

Affected

  • LibreNMS prior to version 1.46

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube