CVE-2026-6204

HIGH

LibreNMS < 26.3.0 - Authenticated Remote Code Execution via Binary Locations Config

Title source: llm

Description

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory

https://github.com/librenms/librenms/security/advisories/GHSA-pr3g-phhr-h8fh

Exploit exploit

https://projectblack.io/blog/librenms-authenticated-rce-and-xss/#binary-path-rce-poc

Scores

CVSS v3 7.2

EPSS 0.0753

EPSS Percentile 93.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

librenms/librenms < 26.3.0 (2 CPE variants)

librenms/librenms 1.48 - 26.3.0Packagist

Published Apr 13, 2026

Tracked Since Apr 13, 2026