CVE-2024-51092

CRITICAL 9.1

CVSS Score

9.1

EPSS Score

0.0%

EPSS Percentile

0th

LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().

Vendor	n/a
Product	n/a
Published	May 8, 2026
Last Updated	May 8, 2026

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new critical vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb github.com: https://github.com/librenms/librenms/security/advisories/GHSA-x645-6pf9-xwxw