CVE-2020-36947

HIGH

LibreNMS 1.46 - Authenticated SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-36947. PoCs published by Hodorsec.

AI-analyzed exploit summary This exploit demonstrates an authenticated SQL injection vulnerability in LibreNMS 1.46 via the MAC Accounting Graph feature. It uses time-based blind SQLi to extract user credentials from the database.

Description

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve sensitive database contents through time-based blind SQL injection.

Exploits (1)

exploitdb WORKING POC
by Hodorsec · pythonwebappsmultiple
https://www.exploit-db.com/exploits/49246

This exploit demonstrates an authenticated SQL injection vulnerability in LibreNMS 1.46 via the MAC Accounting Graph feature. It uses time-based blind SQLi to extract user credentials from the database.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: LibreNMS 1.46
Auth required
Prerequisites: Valid credentials for LibreNMS · Access to the target URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory, VDB Entry exploit
https://www.exploit-db.com/exploits/49246
Product product
https://www.librenms.org

Scores

CVSS v3 7.1
EPSS 0.0001
EPSS Percentile 3.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
librenms/librenms 1.46
librenms/librenms 0Packagist
Published Jan 27, 2026
Tracked Since Feb 18, 2026