CVE-2022-0580

7.1 HIGH

📋 TL;DR

CVE-2022-0580 is an incorrect authorization vulnerability in LibreNMS that allows authenticated users to access unauthorized functionality. This affects LibreNMS installations prior to version 22.2.0 where users can bypass intended access controls.

💻 Affected Systems

Products:
  • LibreNMS
Versions: All versions prior to 22.2.0
Operating Systems: All platforms running LibreNMS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all LibreNMS installations with user accounts. Requires authenticated access.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An authenticated attacker could gain administrative privileges, modify system configurations, access sensitive data, or execute arbitrary code.

🟠 Likely Case

Authenticated users can access functionality beyond their assigned permissions, potentially viewing or modifying data they should not have access to.

🟢 If Mitigated

With proper access controls and network segmentation, impact is limited to authorized users reaching some functions outside their role.

🌐 Internet-Facing: HIGH if exposed to internet with user accounts, as authenticated users could exploit it.
🏢 Internal Only: MEDIUM as it requires authenticated access but could be exploited by malicious insiders.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access. Public proof-of-concept exists in references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 22.2.0

Vendor Advisory: https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7

Restart Required: No

Instructions:

1. Back up your LibreNMS installation and database.
2. Update to LibreNMS version 22.2.0 or later.
3. Verify the fix by checking the version and testing authorization controls.

🔧 Temporary Workarounds

Restrict User Access

Temporarily restrict user accounts to the minimum necessary permissions while awaiting the patch.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate LibreNMS from critical systems
  • Enable detailed logging and monitoring for unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check the LibreNMS version: if it is below 22.2.0, the system is vulnerable.

Check Version:

cd /opt/librenms && ./lnms --version

Verify Fix Applied:

Verify that the version is 22.2.0 or higher, then test the user authorization controls (for example, confirm that a non-admin account cannot reach admin-only pages).
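The version check above, as an added Python helper that is not from this page's author or the LibreNMS project. It assumes `./lnms --version` prints a line containing the dotted version number, and compares the parts numerically rather than as strings so that a release such as 22.10.0 is not mistaken for one below 22.2.0:

```python
import re
import subprocess

# Version that ships the fix, taken from the advisory above.
FIXED_VERSION = (22, 2, 0)


def parse_version(text: str) -> tuple:
    """Extract the first dotted version (e.g. '22.1.0' or '22.2.0-13-gabcdef')
    from arbitrary text and return it as a tuple of ints."""
    match = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"no version number found in: {text!r}")
    major, minor, patch = match.group(1), match.group(2), match.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_vulnerable(version_text: str) -> bool:
    """True when the reported version is below 22.2.0.
    Tuple comparison is numeric, so (22, 10, 0) > (22, 2, 0), unlike
    a naive string comparison of '22.10.0' against '22.2.0'."""
    return parse_version(version_text) < FIXED_VERSION


def check_installation(librenms_dir: str = "/opt/librenms") -> bool:
    """Run `./lnms --version` in the install directory (assumed output
    format: a line containing the version) and report whether the
    installation is still affected by CVE-2022-0580."""
    result = subprocess.run(
        ["./lnms", "--version"],
        cwd=librenms_dir,
        capture_output=True,
        text=True,
        check=True,
    )
    return is_vulnerable(result.stdout)


if __name__ == "__main__":
    # Constructed sample outputs, not captured from a real install.
    for sample in ("LibreNMS 22.1.0", "LibreNMS 22.2.0", "LibreNMS 22.10.0"):
        status = "VULNERABLE" if is_vulnerable(sample) else "patched"
        print(f"{sample}: {status}")
```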

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts in LibreNMS logs
  • User accessing endpoints beyond their role permissions

Network Indicators:

  • Unusual API calls from authenticated users
  • Requests to administrative endpoints from non-admin users

SIEM Query:

source="librenms" AND (event_type="unauthorized_access" OR user_role_changes)

🔗 References