Our research team in KAIST WSP Lab found a reflected vulnerability in LibreNMS.
Steps to reproduce the report
- Login to the website
- Go to the link: [LibreNMS root URL]/api-access
- Click the “Create API access token” button
- Enter “” in “Descr:”, and click the “Create API Token”
If there are any active developers on this project feel free to contact us for more information.
Additionally, I would like to get a CVE for the reported bug. How do I do this?