How to fix CVE-2020-36947?

Within 24 hours: Audit access logs for LibreNMS MAC accounting graph endpoints and identify all user accounts with access. Within 7 days: Implement network segmentation to restrict LibreNMS access to authorized administrators only, and disable MAC accounting features if not actively used. Within 30 days: Migrate to an alternative network monitoring solution, establish a vendor communication channel for security updates, or continuously monitor for available patches and deploy immediately upon release.

Is Librenms affected by CVE-2020-36947?

LibreNMS deployments are vulnerable to authenticated SQL injection attacks that could allow legitimate users to extract sensitive database information, including credentials and network configuration data.

CVE-2020-36947

HIGH

2026-01-27 [email protected]

GHSA-qp2j-v5jg-hg68

7.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 02, 2026 - 19:48 vuln.today

Public exploit code

CVE Published

Jan 27, 2026 - 16:16 nvd

HIGH 7.1

Description

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve sensitive database contents through time-based blind SQL injection.

Analysis

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. [CVSS 7.1 HIGH]

Technical Context

Classified as CWE-89 (SQL Injection). Affects the MAC accounting graph component of Librenms. LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve sensitive database contents through time-based blind SQL injection.

Affected Products

Vendor: Librenms. Product: Librenms. Versions: up to 1.46. Component: MAC accounting graph.

Remediation

Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: +20

CVE-2020-36947 vulnerability details – vuln.today

Back

CVE-2020-36947

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2020-36947

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code