Skip to main content

Librenms CVE-2026-6204

| EUVDEUVD-2026-21908 HIGH
OS Command Injection (CWE-78)
2026-04-13 PRJBLK GHSA-pr3g-phhr-h8fh
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

8
Re-analysis Queued
Apr 22, 2026 - 19:52 vuln.today
cvss_changed
PoC Detected
Apr 22, 2026 - 19:47 vuln.today
Public exploit code
Patch released
Apr 15, 2026 - 02:30 nvd
Patch available
Analysis Generated
Apr 13, 2026 - 11:33 vuln.today
CVSS changed
Apr 13, 2026 - 11:22 NVD
8.5 (HIGH)
EUVD ID Assigned
Apr 13, 2026 - 11:15 euvd
EUVD-2026-21908
Analysis Generated
Apr 13, 2026 - 11:15 vuln.today
CVE Published
Apr 13, 2026 - 10:56 nvd
HIGH 8.5

DescriptionCVE.org

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.

AnalysisAI

Remote code execution in LibreNMS network monitoring platform (versions prior to 26.3.0) allows authenticated administrators to execute arbitrary commands on the underlying web server by manipulating Binary Locations configuration settings combined with the Netcommand feature. This authenticated attack requires administrative privileges but has publicly available exploit code, enabling straightforward weaponization. CVSS 8.5 severity reflects high confidentiality and integrity impact with network-based attack vector and low complexity.

Technical ContextAI

LibreNMS is an open-source network monitoring and management system built on PHP. This vulnerability exploits CWE-78 (OS Command Injection) through two interconnected features: Binary Locations configuration (which defines paths to system executables) and Netcommand (which executes network diagnostic commands). The attack chain involves an authenticated administrator manipulating the Binary Locations configuration to point to attacker-controlled executables or inject malicious parameters, then triggering execution through the Netcommand feature. The CPE identifier cpe:2.3:a:librenms:librenms confirms the affected product is the LibreNMS application itself across all pre-26.3.0 versions. The CVSS 4.0 vector shows network accessibility (AV:N), low attack complexity (AC:L), no attack prerequisites (AT:N), and high privilege requirements (PR:H), indicating the attacker must already possess administrative credentials. The vulnerability represents a classic example of insufficient input validation and sanitization in configuration interfaces that interact with system command execution.

RemediationAI

Upgrade to LibreNMS version 26.3.0 or later, which contains patches addressing the Binary Locations and Netcommand command injection vulnerability. The fix can be obtained through standard LibreNMS update procedures including Git pull for source installations or container image updates for Docker deployments. Detailed remediation guidance is available in the GitHub Security Advisory at https://github.com/librenms/librenms/security/advisories/GHSA-pr3g-phhr-h8fh. As an interim workaround if immediate patching is not feasible, restrict administrative access to LibreNMS to only essential personnel, implement IP allowlisting for admin interface access, enable multi-factor authentication for administrative accounts, and monitor audit logs for unexpected changes to Binary Locations configuration or unusual Netcommand execution patterns. Review and rotate administrative credentials if unauthorized access is suspected. Given the availability of public exploit code, prioritize patching over temporary workarounds.

CVE-2019-10669 HIGH POC
7.2 Sep 09

An issue was discovered in LibreNMS through 1.47. Rated high severity (CVSS 7.2), this vulnerability is remotely exploit

CVE-2021-44278 CRITICAL POC
9.8 Dec 03

Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php. Rate

CVE-2019-10665 CRITICAL POC
9.8 Sep 09

An issue was discovered in LibreNMS through 1.47. Rated critical severity (CVSS 9.8), this vulnerability is remotely exp

CVE-2026-26988 CRITICAL POC
9.1 Feb 20

SQL injection in LibreNMS 25.12.0 and below. PoC and patch available.

CVE-2019-10668 CRITICAL POC
9.1 Sep 09

An issue was discovered in LibreNMS through 1.47. Rated critical severity (CVSS 9.1), this vulnerability is remotely exp

CVE-2026-26990 HIGH POC
8.8 Feb 20

SQL injection in LibreNMS versions 25.12.0 and below allows authenticated users to extract sensitive database informatio

CVE-2024-32461 HIGH POC
8.8 Apr 22

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated high severity (CVSS 8.8), this vulnera

CVE-2020-15877 HIGH POC
8.8 Jul 21

An issue was discovered in LibreNMS before 1.65.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi

CVE-2019-12463 HIGH POC
8.8 Sep 09

An issue was discovered in LibreNMS 1.50.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable,

CVE-2019-10671 HIGH POC
8.8 Sep 09

An issue was discovered in LibreNMS through 1.47. Rated high severity (CVSS 8.8), this vulnerability is remotely exploit

CVE-2019-12465 HIGH POC
8.1 Sep 09

An issue was discovered in LibreNMS 1.50.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable,

CVE-2019-10666 HIGH POC
8.1 Sep 09

An issue was discovered in LibreNMS through 1.47. Rated high severity (CVSS 8.1), this vulnerability is remotely exploit

Share

CVE-2026-6204 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy