CVE-2024-32461

Public Exploit

LibreNMS vulnerable to time-based SQL injection that leads to database extraction

Description

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A SQL injection vulnerability in POST /search/search=packages in LibreNMS prior to version 24.4.0 allows a user with global read privileges to execute SQL commands via the package parameter. With this vulnerability, an attacker can exploit a SQL injection time based vulnerability to extract all data from the database, such as administrator credentials. Version 24.4.0 contains a patch for the vulnerability.

References

Link	Tags
https://github.com/librenms/librenms/security/advisories/GHSA-cwx6-cx7x-4q34	vendor advisory exploit
https://github.com/librenms/librenms/commit/d29201fce134347f891102699fbde7070debee33	patch
https://doc.clickup.com/9013166444/p/h/8ckm0bc-53/16811991bb5fff6	exploit

Frequently Asked Questions

What is the severity of CVE-2024-32461?: CVE-2024-32461 has been scored as a high severity vulnerability.
How to fix CVE-2024-32461?: To fix CVE-2024-32461, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-32461 being actively exploited in the wild?: It is possible that CVE-2024-32461 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-32461?: CVE-2024-32461 affects librenms librenms.

Description

Category

CWE-89 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

References

Frequently Asked Questions