CVE-2021-44278

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-44278

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44278.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-44278

Aliases

GHSA-7289-chwj-7h86

Published

2021-12-03T13:15:07.733Z

Modified

2026-04-12T03:54:53.297512Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.

References

https://github.com/librenms/librenms/pull/13554

Affected packages

Git / github.com/librenms/librenms

Affected ranges

Type

GIT

Repo

https://github.com/librenms/librenms

Events

Introduced

Last affected

6b41c29f5f7a8cec104c17737df0a6e50755f66c

Database specific

{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "21.11.0"
        }
    ],
    "cpe": "cpe:2.3:a:librenms:librenms:21.11.0:*:*:*:*:*:*:*"
}

Affected versions

0.*

0.1

1.*

1.19

1.20

1.21

1.25

1.26

1.27

1.28

1.31.01

1.31.02

1.31.03

1.32

1.33

1.35

1.36

1.37

1.38

1.39

1.40

1.41

1.42

1.42.01

1.43

1.44

1.45

1.46

1.47

1.48

1.48.1

1.49

1.50

1.51

1.52

1.53

1.53.1

1.54

1.55

1.56

1.57

1.58

1.58.1

1.59

1.60

1.61

1.62

1.63

1.64

1.64.1

1.65

1.66

1.67

1.68

1.69

1.70.0

1.70.1

Other

201505

201506

201507

201508

201509

201510

201511

201512

201601

201602

201603

201604

201605

201606

201607

201608

20160828

201609

21.*

21.1.0

21.10.0

21.11.0

21.2.0

21.3.0

21.4.0

21.5.0

21.5.1

21.6.0

21.7.0

21.8.0

21.9.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44278.json"