Impact
A Local File Inclusion vulnerability exists in the NFSen module of LibreNMS. The flaw allows an authenticated attacker to supply path‑traversal sequences in the nfsen parameter, causing the application to include arbitrary PHP files from the server filesystem. Including an arbitrary PHP file could expose sensitive configuration data or other information stored on the host. The weakness is characterized by CWE-98.
Affected Systems
The vulnerability appears in LibreNMS build 22.11.0‑23-gd091788f2 and any preceding or equivalent builds that contain the vulnerable nfsen.inc.php handler with the NFSen module enabled. Deployments that have removed or disabled the NFSen module are not vulnerable.
Risk and Exploitability
Exploitation requires valid credentials, because only an authenticated user can submit the nfsen parameter. The LFI does not require elevated privileges or kernel-level access, making it relatively straightforward for an attacker who already has access. The CVSS score is 6.5 and the EPSS score is less than 1%, indicating moderate severity with a low probability of exploitation; the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is an authenticated web request that manipulates the nfsen parameter with path-traversal sequences. Based on the description, it is inferred that the attacker could read or include sensitive files, though concrete execution impact is not confirmed in the payload.
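For triage on hosts that ran an affected build, the sketch below scans web access logs for requests whose nfsen parameter carries a dot-dot path segment, including percent-encoded and double-encoded forms. It is an added example, not code from LibreNMS or OpenCVE; the common/combined log format, the request path /example/page and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumption: access logs use the common/combined format.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
MAX_DECODE_ROUNDS = 3  # peel repeated percent-encoding (%252e -> %2e -> .)

def fully_decode(value):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if the decoded value has a '..' path segment or a NUL byte."""
    decoded = fully_decode(value).replace("\\", "/")
    return "\x00" in decoded or ".." in decoded.split("/")

def suspicious_nfsen_requests(lines):
    """Return (client_ip, status, decoded_value) for each flagged request."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        query = urlsplit(m["target"]).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name == "nfsen" and has_traversal(value):
                hits.append((m["ip"], m["status"], fully_decode(value)))
    return hits

# Constructed sample lines; path, addresses and values are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2023:10:00:00 +0000] "GET /example/page?nfsen=channel1 HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2023:10:00:05 +0000] "GET /example/page?nfsen=..%2F..%2Fplaceholder HTTP/1.1" 200 128',
    '198.51.100.7 - - [01/Jan/2023:10:00:09 +0000] "GET /example/page?nfsen=%252e%252e%252fplaceholder HTTP/1.1" 500 0',
    '198.51.100.7 - - [01/Jan/2023:10:00:12 +0000] "GET /example/page?other=..%2Fx&nfsen=ok.v2 HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for ip, status, value in suspicious_nfsen_requests(SAMPLE_LOG):
        print(f"{ip} status={status} nfsen={value!r}")
```

The scan only sees parameters sent in the query string, so requests that carry nfsen in a POST body need the application or WAF log instead.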