mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 01:31:01 +00:00
24 lines
1.1 KiB
Markdown
24 lines
1.1 KiB
Markdown
|
### [CVE-2018-20434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20434)
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
- http://packetstormsecurity.com/files/153188/LibreNMS-addhost-Command-Injection.html
|
||
|
|
- http://packetstormsecurity.com/files/153448/LibreNMS-1.46-addhost-Remote-Code-Execution.html
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/0xT11/CVE-POC
|
||
|
|
- https://github.com/ARPSyndicate/cvemon
|
||
|
|
- https://github.com/DSO-Lab/pocscan
|
||
|
|
- https://github.com/ayadim/exploitBox
|
||
|
|
- https://github.com/mhaskar/CVE-2018-20434
|
||
|
|
- https://github.com/spart9k/INT-18
|
||
|
|
|