
CVE-2019-10671: SQL Injection in LibreNMS

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.00516%
Published: 10/11/2019
Updated: 2/1/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name: librenms/librenms
Ecosystem: composer
Vulnerable Versions: < 1.50.1
First Patched Version: 1.50.1

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The CVE-2019-10671 description explicitly names the 'sort' parameter of graph.php as the SQL injection vector. In PHP applications such as LibreNMS, SQL injection typically arises when user input (for example $_GET or $_POST parameters) is concatenated directly into SQL queries instead of being passed through prepared statements. A sort parameter is a classic case: column names and sort directions in an ORDER BY clause cannot be bound as prepared-statement placeholders, so the code must validate them against an allowlist, and a code path that skips that step hands the attacker control of the ORDER BY clause. Although the exact function name is not visible in the available data, the advisory's specificity about graph.php and the sort parameter strongly indicates that the vulnerable code resides in the function responsible for processing sorting logic in that file. Confidence is marked as medium because the injection vector is clearly identified but the exact function name is not provided in the available data.
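The following is an added illustration written for this page; it is not LibreNMS's graph.php and not part of Miggo's analysis. It places the unsafe pattern (a sort parameter concatenated into the query) beside a hardened version that resolves the request value against an allowlist of columns and directions, while WHERE-clause values are bound as prepared-statement parameters. The `devices` table, its columns, the `SORTABLE_COLUMNS` map and the helper function names are assumptions for the example; the sample rows and the hostile input are constructed.

```php
<?php
// Added example, not LibreNMS code. Table, column and helper names are assumed.

// UNSAFE PATTERN: the request value is concatenated into the SQL text.
// ORDER BY identifiers cannot be bound as placeholders, so wrapping this
// string in prepare() would not help; whatever arrives in $_GET['sort']
// becomes part of the statement.
function buildQueryVulnerable(string $sort): string
{
    return "SELECT device_id, hostname FROM devices ORDER BY " . $sort;
}

// HARDENED PATTERN: map the request value onto an allowlist. Only the fixed
// column names and the two directions below can ever appear in the SQL;
// anything else falls back to a safe default (rejecting with an error is
// an equally valid choice).
const SORTABLE_COLUMNS = [
    'hostname'  => 'hostname',
    'device_id' => 'device_id',
    'uptime'    => 'uptime',
];

function buildOrderBy(string $sort, string $dir = 'asc'): string
{
    $column    = SORTABLE_COLUMNS[$sort] ?? 'device_id';
    $direction = strtolower($dir) === 'desc' ? 'DESC' : 'ASC';
    return "ORDER BY $column $direction";
}

function buildQuerySafe(string $sort, string $dir = 'asc'): string
{
    return 'SELECT device_id, hostname FROM devices ' . buildOrderBy($sort, $dir);
}

// Data values (here the hostname filter) go through bound parameters; the
// ORDER BY fragment is assembled only from the allowlist, never from raw input.
function fetchDevices(PDO $pdo, string $hostnamePrefix, string $sort, string $dir): array
{
    $sql  = 'SELECT device_id, hostname FROM devices WHERE hostname LIKE :prefix '
          . buildOrderBy($sort, $dir);
    $stmt = $pdo->prepare($sql);
    $stmt->execute([':prefix' => $hostnamePrefix . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demonstration against an in-memory SQLite database with constructed rows.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE devices (device_id INTEGER, hostname TEXT, uptime INTEGER)');
$pdo->exec("INSERT INTO devices VALUES (1, 'core-sw1', 500), (2, 'core-rt1', 50), (3, 'edge-fw1', 900)");

$untrusted = 'not_a_column -- attacker-controlled text';   // constructed hostile input
echo buildQueryVulnerable($untrusted), PHP_EOL;   // the raw text lands inside the SQL
echo buildQuerySafe($untrusted, 'desc'), PHP_EOL; // falls back to "ORDER BY device_id DESC"

foreach (fetchDevices($pdo, 'core-', 'hostname', 'asc') as $row) {
    echo $row['device_id'], ' ', $row['hostname'], PHP_EOL;
}
```

The design point is that the sort parameter never reaches the query as text: the request value is used only as a lookup key into `SORTABLE_COLUMNS`, so the set of SQL fragments the application can emit is fixed at development time, which is the property a WAF rule on graph.php's sort parameter can only approximate from the outside.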

WAF Protection Rules

WAF Rule

An issue was discovered in LibreNMS through *.**. It does not parameterize all user supplied input within database queries, resulting in SQL injection. An authenticated attacker can subvert these database queries to extract or manipulate data, as dem
