CNNVD-202507-2942 Information
CNNVD ID
CNNVD-202507-2942
Related CVE
- CNNVD Published: 2025-07-22
Description (Chinese)
LibreNMS是LibreNMS社区的一套基于PHP和MySQL的开源网络监控系统。该系统具有自定义警报、自动发现网络环境和自动更新等特点。 LibreNMS 25.6.0及之前版本存在安全漏洞,该漏洞源于ajax_form.php端点允许远程文件包含,可能导致远程代码执行。
Description (English)
LibreNMS is an open-source network monitoring system based on PHP and MySQL for the LibreNMS community. The system has features such as custom alerts, automatic discovery of the network environment and automatic updating. There is a security loophole in LibreNMS 25.6.0 and previous versions, which stems from ajax form.php endpoint allowing remote file inclusion, which may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
LibreNMS
Published
2025-07-22
Last Modified
2026-02-24
References
https://github.com/librenms/librenms/releases/tag/25.7.0 https://github.com/librenms/librenms/commit/ec89714d929ef0cf2321957ed9198b0f18396c81 https://github.com/librenms/librenms/pull/17990 https://github.com/librenms/librenms/security/advisories/GHSA-gq96-8w38-hhj2 https://access.redhat.com/security/cve/cve-2025-54138 https://nvd.nist.gov/vuln/detail/CVE-2025-54138
Patch
https://github.com/librenms/librenms/releases
Share on: