Improper Authorization in librenms/librenms


Reported on

Feb 13th 2022


LibreNMS v22.1.0 allows users with the normal role/level to interact with the plugin setting resulting in the users could take action such as switching on/off any installed plugins which are supposedly accessible by the Administrator only.

Proof of Concept

Affected endpoints:

1 GET http://{HOST}/plugin/settings


Steps to reproduce:

1 Login as a normal user.

2 Browse to http://{HOST}/plugin/settings

3 We can switch on/off any installed plugins and interact with the setting such as creating and managing maps for the Weathermap plugin.


This vulnerability is capable of modifying or performing a system function outside the user's limits.

We are processing your report and will contact the librenms team within 24 hours. a year ago
Faisal Fs ⚔️ modified the report
a year ago
We have contacted a member of the librenms team and are waiting to hear back a year ago
PipoCanaja validated this vulnerability a year ago
Faisal Fs ⚔️ has been awarded the disclosure bounty
The fix bounty is now up for grabs
Neil Lathwood marked this as fixed in 22.2.0 with commit 95970a a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
to join this conversation