What is CVE-2019-10669?

CVE-2019-10669 is a vulnerability in N/a. Published 2019-09-09.

Is CVE-2019-10669 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-10669

An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user supplied parameters are filtered with the mysqli_escape_real_string function. This func…

EPSS: 0.557 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

packetstormsecurity.com/files/154391/LibreNMS-Collectd-Command-Injection.html (x_refsource_MISC)
www.darkmatter.ae/xen1thlabs/librenms-command-injection-vulnerability-xl-19-017/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-10669?: CVE-2019-10669 is a vulnerability in N/a. Published 2019-09-09.
Is CVE-2019-10669 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.