CVE-2022-29712

描述

LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.

受影響套件(1)

• Packagist/librenms/librenmsfrom 0, < 22.4.0

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-29712
• PATCHhttps://github.com/librenms/librenms
• WEBhttps://github.com/librenms/librenms/commit/8b82341cb742e7bd4966964b399012f7ba017e0b
• WEBhttps://github.com/librenms/librenms/pull/13932