Cacti Framework Vulnerable to Attackers Executing Malicious Code Bugs Detected

May 14, 2024
1 min read


TLDR:

Key points of the article:

  • 12 security flaws in Cacti framework addressed, including 2 critical issues
  • Most severe vulnerabilities include arbitrary code execution and command injection

In the latest development, the maintainers of the Cacti open-source network monitoring and fault management framework have rectified a total of twelve security flaws, with two critical issues that could potentially lead to the execution of malicious code. The most severe vulnerabilities include an arbitrary code write vulnerability in the “Package Import” feature and a command injection flaw. These flaws could allow attackers to execute arbitrary PHP code on the server and carry out unauthorized commands respectively.

Additionally, two other high-severity flaws were also addressed, which could result in code execution through SQL injection and file inclusion. It’s important to note that the majority of these vulnerabilities impact all versions of Cacti, including versions prior to 1.2.26. The flaws have been patched in the latest version 1.2.27 released on May 13, 2024.

Noteworthy is the fact that a critical SQL injection vulnerability was disclosed in Cacti eight months prior, with another critical flaw under exploitation in early 2023. With proof-of-concept exploits available for some of these vulnerabilities, users are strongly advised to update their instances to the latest version to mitigate potential risks.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and