Cacti network monitoring software users must update their systems to the latest version, as the maintainers of the framework have patched numerous vulnerabilities. These security flaws include a critical remote code execution vulnerability that could allow unauthorized access to the target system.
Critical RCE Flaws Affected Cacti Framework
First discovered and reported by security researcher Egidio Romano, this critical vulnerability in the Cacti network monitoring tool could allow remote code execution.
Identified as CVE-2024-25641 (CVSS 9.1), the vulnerability is essentially an arbitrary file write issue affecting the import_package() function. An authenticated adversary with “Import Templates” permission could exploit the flaw to execute arbitrary PHP code on the target server.
As explained in an advisory, Romano observed the vulnerability affecting Cacti versions up to and including v1.2.26. Following Romano’s report, the maintainers patched the vulnerability in Cacti version 1.2.27.
In addition, another critical severity vulnerability, CVE-2024-29895 (CVSS 10.0), also received a fix from the maintainers. However, it primarily affected the development versions 1.3.x. This vulnerability could allow command injection by an unauthenticated adversary when the register_argc_argv PHP option is On.
Other Cacti Network Monitoring Tool Vulnerabilities Also Patched
Alongside this critical vulnerability, the latest Cacti update also addressed numerous other vulnerabilities, as evident from the changelog on its website. These include the following two high-severity vulnerabilities.
- CVE-2024-31445 (CVSS 8.8): An SQL injection vulnerability affecting api_automation.php. Exploiting this flaw could allow an authenticated attacker elevated privileges and remote code execution.
- CVE-2024-31459: A high-severity file inclusion vulnerability affecting the lib/plugin.php file. Exploiting the flaw in combination with SQL injection vulnerabilities could allow remote code execution attacks.
Besides these, the maintainers also patched numerous moderate severity issues with version 1.2.27, which is the version users should upgrade to in order to receive all security fixes. Cacti also patched a moderate severity reflected XSS vulnerability, CVE-2024-30268, in the development versions 1.3.x.
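For administrators triaging their own installs, the following is an added example (not Cacti project code and not from the advisory) that maps an installed Cacti version string and a php.ini excerpt to the CVEs the article lists, using only the affected ranges stated above: 1.2.x up to and including 1.2.26 is affected and 1.2.27 carries the fixes, while CVE-2024-29895 and CVE-2024-30268 are scoped to the 1.3.x development branch. Two points are assumptions rather than statements from the article: that CVE-2024-31445 and CVE-2024-31459 are fixed in the same 1.2.27 release (implied by "upgrade to 1.2.27 for all security fixes"), and, since no fixed 1.3.x build is named, that every 1.3.x snapshot is treated as potentially affected. The sample php.ini text is constructed.

```python
"""Triage helper: map an installed Cacti version and the PHP
register_argc_argv setting to the CVEs described in the article."""
import re

# Version boundary taken from the article: <= 1.2.26 affected, 1.2.27 fixed.
# Treating CVE-2024-31445 and CVE-2024-31459 as fixed in the same 1.2.27
# release is an assumption based on the article's upgrade guidance.
FIXED_RELEASE = (1, 2, 27)

RELEASE_CVES = {
    "CVE-2024-25641": "arbitrary file write in import_package() "
                      "(authenticated, Import Templates permission)",
    "CVE-2024-31445": "SQL injection in api_automation.php (authenticated)",
    "CVE-2024-31459": "file inclusion in lib/plugin.php (chained with SQLi)",
}

# Issues the article scopes to the 1.3.x development branch.
DEV_CVES = {
    "CVE-2024-29895": "unauthenticated command injection; "
                      "requires register_argc_argv=On",
    "CVE-2024-30268": "reflected XSS",
}


def parse_version(text):
    """Parse 'v1.2.26', '1.2.26' or '1.3.0-dev' into a tuple of ints."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised Cacti version string: {text!r}")
    return tuple(int(x) if x is not None else 0 for x in m.groups())


def register_argc_argv_enabled(ini_text):
    """Return True if a php.ini-style blob turns register_argc_argv on.

    PHP accepts On/1/True/Yes as truthy; the last assignment wins and
    anything after ';' on a line is a comment."""
    enabled = False
    for line in ini_text.splitlines():
        line = line.split(";", 1)[0].strip()
        m = re.match(r'register_argc_argv\s*=\s*"?(\w*)"?', line, re.I)
        if m:
            enabled = m.group(1).lower() in ("on", "1", "true", "yes")
    return enabled


def affected_cves(version_text, ini_text):
    """Return the sorted CVE ids from the article that apply to this install."""
    v = parse_version(version_text)
    hits = []
    if v[:2] == (1, 2) and v < FIXED_RELEASE:
        hits.extend(RELEASE_CVES)
    elif v[:2] == (1, 3):
        # Assumption: the article names no fixed 1.3.x build, so every
        # 1.3.x dev snapshot is treated as potentially affected.
        hits.append("CVE-2024-30268")
        if register_argc_argv_enabled(ini_text):
            hits.append("CVE-2024-29895")
    return sorted(hits)


# Constructed sample php.ini excerpt (not taken from any real host).
SAMPLE_INI = """
; php.ini excerpt (constructed)
register_argc_argv = Off
register_argc_argv = On ; later assignment wins
"""

if __name__ == "__main__":
    for ver in ("1.2.26", "1.2.27", "1.3.0"):
        cves = affected_cves(ver, SAMPLE_INI)
        print(ver, "->", ", ".join(cves) if cves else "none of the listed CVEs")
```

The version string can be read from the installed tree and the php.ini text from `php --ini` output on the host; the check is deliberately conservative on the 1.3.x branch, where the article gives no fixed build.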