Description
LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().
Published: 2026-05-08
Score: 9.1 Critical
EPSS: 44.1% Moderate
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().

Affected Systems

All installations of LibreNMS below version 24.10.0 are affected. The vulnerability is present in the code paths handled by AboutController, SettingsController, and the initRrdDirectory routine within PollDevice. Upgrading to 24.10.0 or later removes the insecure command-handling code.

Risk and Exploitability

The vulnerability is rated Critical, with a CVSS 3.1 base score of 9.1 (vector AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L), because it allows an attacker to run arbitrary system commands on the host. The lack of an authentication requirement is only inferred from the description and typical web interface exposure; the CVSS vector (PR:L) and the GitHub advisory title ("LibreNMS has an Authenticated OS Command Injection") indicate that a low-privileged authenticated account is needed. Its EPSS score of 44.1% indicates a moderate probability of exploitation, and it is not listed in the CISA KEV catalog. The affected code paths are reachable through ordinary HTTP requests to the LibreNMS web interface, and if the application runs with elevated privileges, exploitation would lead to full system compromise.

Generated by OpenCVE AI on May 22, 2026 at 14:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade LibreNMS to version 24.10.0 or newer to remove the vulnerable code paths.
  • If an upgrade is not immediately possible, restrict network access to the LibreNMS web interface so that only trusted users can reach the application endpoints.
  • Apply the following temporary code fix: Sanitize all user-supplied input before passing it to system commands in AboutController.php, SettingsController.php, and PollDevice.php, ensuring no shell metacharacters are interpreted.
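The third action above describes the general CWE-78 fix without showing code. The following is an added illustration in PHP, not LibreNMS's own code and not the project's actual patch (which this page does not reproduce): a hypothetical helper that builds an RRD directory from a user-controlled hostname and hands it to the shell, shown beside two hardened variants. The function names, the base path /opt/librenms/rrd, the hostname pattern and the sample input are all assumptions made for the example.

```php
<?php
// Added illustrative example (not LibreNMS code). Shows the generic
// command-string concatenation pattern the advisory describes (CWE-78)
// and the hardened alternatives. All names, paths and inputs are hypothetical.

declare(strict_types=1);

const RRD_BASE = '/opt/librenms/rrd';   // hypothetical base directory

// WEAK: the hostname is concatenated into a shell command string, so any
// shell metacharacter in $host is interpreted by /bin/sh rather than
// treated as part of a path.
function initRrdDirectoryWeak(string $host): string
{
    $out = shell_exec('mkdir -p ' . RRD_BASE . '/' . $host . ' 2>&1');
    return is_string($out) ? $out : '';
}

// Allow-list check shared by the hardened variants: only characters that
// can legitimately appear in a hostname, bounded in length.
function assertSafeHostname(string $host): void
{
    if (!preg_match('/\A[A-Za-z0-9._-]{1,253}\z/', $host)) {
        throw new InvalidArgumentException('invalid hostname');
    }
}

// HARDENED 1: validate, then quote with escapeshellarg() so the shell
// receives the whole path as a single literal argument.
function initRrdDirectoryEscaped(string $host): string
{
    assertSafeHostname($host);
    $dir = RRD_BASE . '/' . $host;
    $out = shell_exec('mkdir -p ' . escapeshellarg($dir) . ' 2>&1');
    return is_string($out) ? $out : '';
}

// HARDENED 2 (preferred): do not involve a shell at all. PHP's mkdir()
// takes a path string, so there is nothing left for a shell to interpret.
function initRrdDirectoryNoShell(string $host): string
{
    assertSafeHostname($host);
    $base = realpath(RRD_BASE) ?: RRD_BASE;
    $dir  = $base . '/' . $host;
    if (!is_dir($dir) && !mkdir($dir, 0750, true) && !is_dir($dir)) {
        throw new RuntimeException("cannot create $dir");
    }
    return $dir;
}

// When an external binary really is required (rrdtool, for instance),
// pass the command as an array to proc_open() (PHP 7.4+). PHP then execs
// the program directly; each array element becomes one argv entry and no
// shell parsing takes place.
function runRrdtoolInfo(string $rrdFile): string
{
    $spec = [1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $p = proc_open(['rrdtool', 'info', $rrdFile], $spec, $pipes);
    if (!is_resource($p)) {
        throw new RuntimeException('cannot start rrdtool');
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($p);
    return $out === false ? '' : $out;
}

// Constructed sample input containing a shell metacharacter (';'). The
// weak function would pass it through to /bin/sh; the hardened ones reject
// it before any command is built.
$sample = 'router1;x';
try {
    initRrdDirectoryNoShell($sample);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

The allow-list check is the part that matters most: escapeshellarg() stops the shell from interpreting the value, but it does not stop a caller from passing a value the application should never accept (path components such as "..", for example), so validation belongs in front of whichever execution method is used. Avoiding the shell entirely, as in the second and third hardened functions, removes the interpretation step rather than trying to neutralise it.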

Generated by OpenCVE AI on May 22, 2026 at 14:52 UTC.


Advisories

Source: GitHub GHSA
ID: GHSA-x645-6pf9-xwxw
Title: LibreNMS has an Authenticated OS Command Injection
History (change type and recorded values per revision)

Fri, 22 May 2026 15:15:00 +0000
  Title: Remote OS Command Injection in LibreNMS Controllers

Tue, 12 May 2026 14:00:00 +0000
  CPEs: cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*

Sat, 09 May 2026 15:00:00 +0000
  Title: OS Command Injection in LibreNMS Before 24.10.0 Allowing Remote Code Execution

Fri, 08 May 2026 19:15:00 +0000
  Title: OS Command Injection in LibreNMS Before 24.10.0 Allowing Remote Code Execution

Fri, 08 May 2026 16:00:00 +0000
  Title: OS Command Injection in LibreNMS Enables Remote Code Execution Prior to 24.10.0

Fri, 08 May 2026 15:15:00 +0000
  Metrics (cvssV3_1): {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L'}
  Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 08 May 2026 07:45:00 +0000
  First Time appeared: Librenms; Librenms librenms
  Vendors & Products: Librenms; Librenms librenms

Fri, 08 May 2026 06:45:00 +0000
  Title: OS Command Injection in LibreNMS Enables Remote Code Execution Prior to 24.10.0
  Weaknesses: CWE-78

Fri, 08 May 2026 05:45:00 +0000
  Description: LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-08T14:11:39.042Z

Reserved: 2024-10-28T00:00:00.000Z

Link: CVE-2024-51092

Vulnrichment

Updated: 2026-05-08T14:11:35.481Z

NVD

Status : Analyzed

Published: 2026-05-08T06:16:10.090

Modified: 2026-05-12T13:50:21.820

Link: CVE-2024-51092

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-22T15:00:18Z

Weaknesses