CVE-2025-65093: 
PHP 脆弱性の分析と軽減

LibreNMS, an auto-discovering PHP/MySQL/SNMP based network monitoring tool, contains a Boolean-Based Blind SQL Injection vulnerability (CVE-2025-65093) in version 25.10.0. The vulnerability exists in the /ajax_output.php endpoint where the hostname parameter is vulnerable to SQL injection. This security issue was discovered and reported by marcelomulder and was published on November 18, 2025 (GitHub Advisory).

The vulnerability exists in the hostname parameter at the /ajax_output.php endpoint. The issue occurs because user-supplied data is concatenated directly into SQL queries within /opt/librenms/includes/html/output/capture.inc.php without proper sanitization. The vulnerability is classified as a Boolean-Based Blind SQL Injection, where attackers can infer database information through conditional responses. The CVSS score is 5.5 (Moderate), with a vector string of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N (GitHub Advisory).

The vulnerability can lead to several serious consequences: data extraction through Boolean inference techniques, potential system compromise through database manipulation, and information disclosure revealing internal SQL structure and logic of the LibreNMS backend. However, the impact is somewhat limited as the vulnerability requires administrator privileges to exploit (GitHub Advisory).

As of the advisory publication, no official patch has been released for version 25.10.0. Organizations running affected versions should implement additional security controls to restrict access to the vulnerable endpoint and monitor for suspicious SQL queries (GitHub Advisory).