ghsa-2f4w-6mc7-4w78
Vulnerability from github
StoredXSS-LibreNMS-Display Name 2
Description:
XSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):/device/$DEVICE_ID/edit -> param: display
of Librenms versions 24.11.0 (https://github.com/librenms/librenms) allows remote attackers to inject malicious scripts. When a user views or interacts with the page displaying the data, the malicious script executes immediately, leading to potential unauthorized actions or data exposure.
Proof of Concept:
1. Add a new device through the LibreNMS interface.
2. Edit the newly created device by going to the "Device Settings" section.
3. In the "Display Name" field, enter the following payload: "><img src onerror="alert(document.cookie)">.
4. Save the changes.
5. The XSS payload is triggered when navigating to the path /device/$DEVICE_ID/logs and hovering over a type containing a tag (such as Core 1 in the image).
Impact:
Execution of Malicious Code
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "librenms/librenms"
},
"ranges": [
{
"events": [
{
"introduced": "24.11.10"
},
{
"fixed": "24.12.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"24.11.10"
]
}
],
"aliases": [
"CVE-2024-56144"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-01-16T17:18:32Z",
"nvd_published_at": "2025-01-16T23:15:07Z",
"severity": "MODERATE"
},
"details": "# StoredXSS-LibreNMS-Display Name 2\n\n\n**Description:**\n\n\nXSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):`/device/$DEVICE_ID/edit` -\u003e param: display\n\n\nof Librenms versions 24.11.0 ([https://github.com/librenms/librenms](https://github.com/librenms/librenms)) allows remote attackers to inject malicious scripts. When a user views or interacts with the page displaying the data, the malicious script executes immediately, leading to potential unauthorized actions or data exposure.\n\n\n\n**Proof of Concept:**\n1. Add a new device through the LibreNMS interface.\n2. Edit the newly created device by going to the \"Device Settings\" section.\n3. In the \"Display Name\" field, enter the following payload: `\"\u003e\u003cimg src onerror=\"alert(document.cookie)\"\u003e`.\n\n4. Save the changes.\n5. The XSS payload is triggered when navigating to the path /device/$DEVICE_ID/logs and hovering over a type containing a tag (such as Core 1 in the image).\n\n\n\n\n**Impact:**\n\nExecution of Malicious Code\n\n",
"id": "GHSA-2f4w-6mc7-4w78",
"modified": "2025-01-17T15:51:59Z",
"published": "2025-01-16T17:18:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/librenms/librenms/security/advisories/GHSA-2f4w-6mc7-4w78"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56144"
},
{
"type": "WEB",
"url": "https://github.com/librenms/librenms/pull/16886"
},
{
"type": "WEB",
"url": "https://github.com/librenms/librenms/commit/c63c912d86098bcefd52a28328482b94632eadf8"
},
{
"type": "PACKAGE",
"url": "https://github.com/librenms/librenms"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability"
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.