Identifier

CVE-2020-15873

Package Slug

packagist/librenms/librenms

Vulnerability

SQL Injection

Description

In LibreNMS, an authenticated attacker can achieve SQL Injection via the customoid.inc.php device_id POST parameter to ajax_form.php.

Affected Versions

All versions before 1.65.1

Solution

Upgrade to version 1.65.1 or above.

Last Modified

2020-07-24

source