Covered by FixVibecritical

. Kritisk OS skipanarinnspræning í LibreNMS (ZXCVVIBETEKEN0ZXCV) ZXCVFIXVIBESEND ZXCVFIXVIBESEG1. LibreNMS útgávur <= 24.9.1 eru viðbreknar fyri góðkendari OS skipanarinnspræning (CVE-2024-51092). ZXCVFIXVIBESEND ZXCVFIXVIBESEG2. LibreNMS útgávur upp til 24.9.1 innihalda ein kritiskan OS skipaninnspræning sárbarleika (CVE-2024-51092). Autentiseraðir álopsmenn kunnu útføra viljaleysar skipanir á vertsskipanini, sum møguliga føra til totala semju um eftirlitsskipanina. ZXCVFIXVIBESEND ZXCVFIXVIBESEG3. ## Ávirkan ZXCVFIXVIBESEND ZXCVFIXVIBESEG4. LibreNMS útgávur 24.9.1 og fyrr innihalda ein sárbarleika, sum ger, at autentiseraðir brúkarar kunnu fremja OS skipaninnspræning CVE-2024-51092. Eydnurík útnytting ger tað møguligt at útføra valfríar skipanir við rættindum hjá vevtænarabrúkaranum ZXCVFIXVIBETOKEN1ZXCV. Hetta kann føra til fulla skipanarligu semju, ólógliga atgongd til viðkvæmar eftirlitsdátur, og møguliga síðuflyting innan netinfrakervið, sum LibreNMS ZXCVFIXVIBETOKEN2ZXCV umsitur. ZXCVFIXVIBESEND ZXCVFIXVIBESEG5. ## Rótorsøk ZXCVFIXVIBESEND ZXCVFIXVIBESEG6. Sárbarleikin er rótfest í óhóskandi neutralisering av brúkaraveittu input, áðrenn tað verður innlimað í eina stýrisskipanarskipan CVE-2024-51092. Hesin feilurin er flokkaður sum ZXCVFIXVIBETOKEN3ZXCV ZXCVFIXVIBETOKEN1ZXCV. Í ávirkaðum útgávum megna ávís autentiserað endapunkt ikki at validera ella sanitera parametrar á nøktandi hátt, áðrenn teir verða sendir víðari til útførslufunktiónir á skipanarstigi ZXCVFIXVIBETOKEN2ZXCV. ZXCVFIXVIBESEND ZXCVFIXVIBESEG7. ## Remediation ZXCVFIXVIBESEND ZXCVFIXVIBESEG8. Brúkarar skulu dagføra sína LibreNMS uppseting til útgávu 24.10.0 ella seinni fyri at loysa hetta málið CVE-2024-51092. Sum ein almenn trygdarbesta siðvenja skal atgongdin til LibreNMS umsitingarliga nýtsluflatið vera avmarkað til álítandi netverkspartar við at brúka brandveggir ella atgongdarstýringarlistar (ACL) ZXCVFIXVIBETOKEN1ZXCV. ZXCVFIXVIBESEND ZXCVFIXVIBESEG9. ## Hvussu CVE-2024-51092 roynir fyri tí ZXCVFIXVIBESEND ZXCVFIXVIBESEG10 ZXCVFIXVIBETOKEN4ZXCV inniheldur nú hetta í ZXCVFIXVIBETOKEN5ZXCV repo-skanningum. Ávísingin lesur bert heimildargoymsluháðarfílur, herundir CVE-2024-51092 og ZXCVFIXVIBETOKEN1ZXCV. Tað flaggar ZXCVFIXVIBETOKEN2ZXCV læstar útgávur ella avmarkingar, sum passa til ávirkaða økið ZXCVFIXVIBETOKEN3ZXCV, og meldar síðani avhengi fíluna, linjunummarið, ráðgevara-ID'ini, ávirkaða økið og fastu útgávuna. ZXCVFIXVIBESEND ZXCVFIXVIBESEG11 Hetta er ein statisk, bert lesandi repo-kanning. Tað útførir ikki kundakotu og sendir ikki exploit nyttulastir.

LibreNMS versions up to 24.9.1 contain a critical OS command injection vulnerability (CVE-2024-51092). Authenticated attackers can execute arbitrary commands on the host system, potentially leading to total compromise of the monitoring infrastructure.

CVE-2024-51092GHSA-x645-6pf9-xwxwCWE-78

Impact

LibreNMS versions 24.9.1 and earlier contain a vulnerability that allows authenticated users to perform OS command injection [S2]. Successful exploitation enables the execution of arbitrary commands with the privileges of the web server user [S1]. This can lead to full system compromise, unauthorized access to sensitive monitoring data, and potential lateral movement within the network infrastructure managed by LibreNMS [S2].

Root Cause

The vulnerability is rooted in the improper neutralization of user-supplied input before it is incorporated into an operating system command [S1]. This flaw is classified as CWE-78 [S1]. In affected versions, specific authenticated endpoints fail to adequately validate or sanitize parameters before passing them to system-level execution functions [S2].

Remediation

Users should upgrade their LibreNMS installation to version 24.10.0 or later to resolve this issue [S2]. As a general security best practice, access to the LibreNMS administrative interface should be restricted to trusted network segments using firewalls or access control lists (ACLs) [S1].

How FixVibe tests for it

FixVibe now includes this in GitHub repo scans. The check reads authorized repository dependency files only, including composer.lock and composer.json. It flags librenms/librenms locked versions or constraints that match the affected range <=24.9.1, then reports the dependency file, line number, advisory IDs, affected range, and fixed version.

This is a static, read-only repo check. It does not execute customer code and does not send exploit payloads.