cvelistv5 - cve-2025-62412

CVE-2025-62412 (GCVE-0-2025-62412)

Vulnerability from cvelistv5

Published

2025-10-16 17:54

Modified

2025-10-16 19:21

Severity ?

3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Summary

LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.

References

▼	URL	Tags
	security-advisories@github.com	https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f
	security-advisories@github.com	https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh

Impacted products

	Vendor	Product	Version
	librenms	librenms	Version: < 25.10.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-62412",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-16T18:25:48.701440Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-16T19:21:43.259Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "librenms",
          "vendor": "librenms",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 25.10.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LibreNMS  is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts \u003e Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-16T17:54:09.256Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"
        },
        {
          "name": "https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f"
        }
      ],
      "source": {
        "advisory": "GHSA-6g2v-66ch-6xmh",
        "discovery": "UNKNOWN"
      },
      "title": "LibreNMS alert-rules Cross-Site Scripting Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-62412",
    "datePublished": "2025-10-16T17:54:09.256Z",
    "dateReserved": "2025-10-13T16:26:12.179Z",
    "dateUpdated": "2025-10-16T19:21:43.259Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-62412\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-16T18:15:39.920\",\"lastModified\":\"2025-10-16T20:15:36.130\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"LibreNMS  is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts \u003e Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":3.8,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-62412\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-16T18:25:48.701440Z\"}}}], \"references\": [{\"url\": \"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-16T18:25:53.790Z\"}}], \"cna\": {\"title\": \"LibreNMS alert-rules Cross-Site Scripting Vulnerability\", \"source\": {\"advisory\": \"GHSA-6g2v-66ch-6xmh\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"librenms\", \"product\": \"librenms\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 25.10.0\"}]}], \"references\": [{\"url\": \"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh\", \"name\": \"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f\", \"name\": \"https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"LibreNMS  is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts \u003e Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-16T17:54:09.256Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-62412\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-16T19:21:43.259Z\", \"dateReserved\": \"2025-10-13T16:26:12.179Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-16T17:54:09.256Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-6g2v-66ch-6xmh

Vulnerability from github

Published

2025-10-16 20:18

Modified

2025-10-16 20:18

Severity ?

3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Summary

LibreNMS alert-rules has a Cross-Site Scripting Vulnerability

Details

Executive Summary

Product: LibreNMS
Vendor: LibreNMS
Vulnerability Type: Cross-Site Scripting (XSS)
CVSS Score: 4.3 (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L)
Affected Version: 25.8.0 (latest at time of discovery)
POC File: Download POC Ticket: ZDI-CAN-28105: LibreNMS Alert Rules Cross-Site Scripting Vulnerability

Vulnerability Details

Description

Trend Micro's Zero Day Initiative has identified a Cross-Site Scripting vulnerability in LibreNMS. The vulnerability exists in the Alert Rules functionality where the alert rule name is not properly sanitized, allowing injection of HTML code.

Technical Details

Version Tested: 25.8.0
Installer File: 25.8.0.tar.gz
Download Link: https://github.com/librenms/librenms/archive/refs/tags/25.8.0.tar.gz
Platform: N/A

Attack Vector

When browsing to Alerts > Alert Rules page, a LibreNMS admin can add and manage alert rules. The alert rule name field is vulnerable to XSS attacks through improper sanitization.

Root Cause Analysis

Vulnerable Request

When creating or updating an alert rule, the following HTTP POST request is sent to /ajax_form.php:

``` POST /ajax_form.php HTTP/1.1 ...

_token=9YjTntCuMIe2ujpumwqJQoENRXUhJzlDt33Xu7kx&device_id=-1&device_name=&rule_id=&type=alert-rules&template_id=&builder_json=%7B%22condition%22%3A%22AND%22%2C%22rules%22%3A%5B%7B%22id%22%3A%22access_points.accesspoint_id%22%2C%22field%22%3A%22access_points.accesspoint_id%22%2C%22type%22%3A%22string%22%2C%22input%22%3A%22text%22%2C%22operator%22%3A%22equal%22%2C%22value%22%3A%2242%22%7D%5D%2C%22valid%22%3Atrue%7D&name=%3Ci%3Efoo%3C%2Fi%3E&builder_rule_0_filter=access_points.accesspoint_id&builder_rule_0_operator=equal&builder_rule_0_value_0=42&severity=warning&count=1&delay=1m&interval=5m&recovery=on&acknowledgement=on&proc=&notes=&adv_query= ```

Code Flow

Request Processing: PHP script includes/html/forms/alert-rules.inc.php processes the request
Sanitization Attempt: Calls strip_tags() to sanitize the name parameter
Database Operation: Calls dbUpdate() or dbInsert() to save the rule

Bypass Technique

The sanitization can be bypassed using XML character references:

html <script>alert(1)</script>

Execution Path

Page Load: Victim browses to Alerts > Alert Rules page
Script Execution: includes/html/print-alert/rules.php is called
Modal Inclusion: Includes includes/html/modal/alert_rule_list.inc.php which returns HTML for modal window
Table Rendering: Modal contains HTML table with all rules and inline JavaScript calling bootgrid() function
XSS Trigger: The bootgrid() function (http://www.jquery-bootgrid.com/) rewrites table cells, decoding XML character references
Code Execution: Browser interprets the decoded payload as HTML tags and executes the injected script

Proof of Concept

Usage

bash python3 poc.py client ip_addr -U <username> -P <password>

Optional Parameters

-E [kvp|multipart] - Specify HTTP request parameter encoding

Credit

Discovered by: Simon Humbert of Trend Research, Trend Micro

About Zero Day Initiative (ZDI)

Established by TippingPoint and acquired by Trend Micro, the Zero Day Initiative (ZDI) neither re-sells vulnerability details nor exploit code. Instead, upon notifying the affected product vendor, the ZDI provides its Trend Micro TippingPoint customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available.

References

ZDI Website: http://www.zerodayinitiative.com
Disclosure Policy: http://www.zerodayinitiative.com/advisories/disclosure_policy/

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 25.8.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "librenms/librenms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "25.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-62412"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-16T20:18:32Z",
    "nvd_published_at": "2025-10-16T18:15:39Z",
    "severity": "LOW"
  },
  "details": "## Executive Summary\n\n**Product:** LibreNMS  \n**Vendor:** LibreNMS  \n**Vulnerability Type:** Cross-Site Scripting (XSS)  \n**CVSS Score:** 4.3 (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L)  \n**Affected Version:** 25.8.0 (latest at time of discovery)  \n**POC File:** [Download POC](https://trendmicro-my.sharepoint.com/:u:/p/kholoud_altookhy/EQYQOiGddUtOtz6739YUFU4B5FkNob_TvKBYEA8P6lSRQw?e=lDOR5W)\n**Ticket:** ZDI-CAN-28105: LibreNMS Alert Rules Cross-Site Scripting Vulnerability\n\n## Vulnerability Details\n\n### Description\nTrend Micro\u0027s Zero Day Initiative has identified a Cross-Site Scripting vulnerability in LibreNMS. The vulnerability exists in the Alert Rules functionality where the alert rule name is not properly sanitized, allowing injection of HTML code.\n\n### Technical Details\n\n**Version Tested:** 25.8.0  \n**Installer File:** 25.8.0.tar.gz  \n**Download Link:** https://github.com/librenms/librenms/archive/refs/tags/25.8.0.tar.gz  \n**Platform:** N/A\n\n### Attack Vector\nWhen browsing to **Alerts \u003e Alert Rules** page, a LibreNMS admin can add and manage alert rules. The alert rule name field is vulnerable to XSS attacks through improper sanitization.\n\n## Root Cause Analysis\n\n### Vulnerable Request\nWhen creating or updating an alert rule, the following HTTP POST request is sent to `/ajax_form.php`:\n\n ```\nPOST /ajax_form.php HTTP/1.1\n...\n\n_token=9YjTntCuMIe2ujpumwqJQoENRXUhJzlDt33Xu7kx\u0026device_id=-1\u0026device_name=\u0026rule_id=\u0026type=alert-rules\u0026template_id=\u0026builder_json=%7B%22condition%22%3A%22AND%22%2C%22rules%22%3A%5B%7B%22id%22%3A%22access_points.accesspoint_id%22%2C%22field%22%3A%22access_points.accesspoint_id%22%2C%22type%22%3A%22string%22%2C%22input%22%3A%22text%22%2C%22operator%22%3A%22equal%22%2C%22value%22%3A%2242%22%7D%5D%2C%22valid%22%3Atrue%7D\u0026name=%3Ci%3Efoo%3C%2Fi%3E\u0026builder_rule_0_filter=access_points.accesspoint_id\u0026builder_rule_0_operator=equal\u0026builder_rule_0_value_0=42\u0026severity=warning\u0026count=1\u0026delay=1m\u0026interval=5m\u0026recovery=on\u0026acknowledgement=on\u0026proc=\u0026notes=\u0026adv_query=\n```\n\n### Code Flow\n\n1. **Request Processing:** PHP script `includes/html/forms/alert-rules.inc.php` processes the request\n2. **Sanitization Attempt:** Calls `strip_tags()` to sanitize the `name` parameter\n3. **Database Operation:** Calls `dbUpdate()` or `dbInsert()` to save the rule\n\n### Bypass Technique\nThe sanitization can be bypassed using XML character references:\n\n```html\n\u0026lt;script\u003ealert(1)\u0026lt;/script\u003e\n```\n\n### Execution Path\n\n1. **Page Load:** Victim browses to Alerts \u003e Alert Rules page\n2. **Script Execution:** `includes/html/print-alert/rules.php` is called\n3. **Modal Inclusion:** Includes `includes/html/modal/alert_rule_list.inc.php` which returns HTML for modal window\n4. **Table Rendering:** Modal contains HTML table with all rules and inline JavaScript calling `bootgrid()` function\n5. **XSS Trigger:** The `bootgrid()` function (http://www.jquery-bootgrid.com/) rewrites table cells, decoding XML character references\n6. **Code Execution:** Browser interprets the decoded payload as HTML tags and executes the injected script\n\n## Proof of Concept\n\n### Usage\n```bash\npython3 poc.py client ip_addr -U \u003cusername\u003e -P \u003cpassword\u003e\n```\n\n### Optional Parameters\n- `-E [kvp|multipart]` - Specify HTTP request parameter encoding\n\n## Credit\n\n**Discovered by:** Simon Humbert of Trend Research, Trend Micro\n\n## About Zero Day Initiative (ZDI)\n\nEstablished by TippingPoint and acquired by Trend Micro, the Zero Day Initiative (ZDI) neither re-sells vulnerability details nor exploit code. Instead, upon notifying the affected product vendor, the ZDI provides its Trend Micro TippingPoint customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available.\n\n## References\n\n- **ZDI Website:** http://www.zerodayinitiative.com\n- **Disclosure Policy:** http://www.zerodayinitiative.com/advisories/disclosure_policy/",
  "id": "GHSA-6g2v-66ch-6xmh",
  "modified": "2025-10-16T20:18:32Z",
  "published": "2025-10-16T20:18:32Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62412"
    },
    {
      "type": "WEB",
      "url": "https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/librenms/librenms"
    },
    {
      "type": "WEB",
      "url": "https://github.com/librenms/librenms/releases/tag/25.10.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LibreNMS alert-rules has a Cross-Site Scripting Vulnerability"
}

fkie_cve-2025-62412

Vulnerability from fkie_nvd

Published

2025-10-16 18:15

Modified

2025-10-16 20:15

Severity ?

3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Summary

References

▼	URL	Tags
	security-advisories@github.com	https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f
	security-advisories@github.com	https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "LibreNMS  is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts \u003e Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0."
    }
  ],
  "id": "CVE-2025-62412",
  "lastModified": "2025-10-16T20:15:36.130",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.8,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 2.5,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-16T18:15:39.920",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-62412 (GCVE-0-2025-62412)

Vulnerability from cvelistv5

ghsa-6g2v-66ch-6xmh

Vulnerability from github

Executive Summary

Vulnerability Details

Description

Technical Details

Attack Vector

Root Cause Analysis

Vulnerable Request

Code Flow

Bypass Technique

Execution Path

Proof of Concept

Usage

Optional Parameters

Credit

About Zero Day Initiative (ZDI)

References

fkie_cve-2025-62412

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature