
The Cyber Security News


Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

January 14, 2023


A majority of internet-exposed Cacti servers have not been patched against a recently fixed critical security vulnerability that has come under active exploitation in the wild.

That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.).


The issue in question relates to CVE-2022-46169 (CVSS score: 9.8), a combination of authentication bypass and command injection that enables an unauthenticated user to execute arbitrary code on an affected version of the open-source, web-based monitoring solution.

Details about the flaw, which impacts versions 1.2.22 and below, were first revealed by SonarSource. The flaw was reported to the project maintainers on December 2, 2022.

“A hostname-based authorization check is not carried out securely for most installations of Cacti,” SonarSource researcher Stefan Schiller noted earlier this month, adding “unsanitized user input is propagated to a string utilized to execute an external command.”

The public disclosure of the vulnerability has also led to “exploitation attempts,” with the Shadowserver Foundation and GreyNoise warning of malicious attacks originating from one IP address located in Ukraine so far.

A majority of the unpatched versions (1,320) are located in Brazil, followed by Indonesia, the U.S., China, Bangladesh, Russia, Ukraine, the Philippines, Thailand, and the U.K.

SugarCRM Flaw Actively Exploited to Drop Web Shells

The development comes as SugarCRM shipped fixes for a publicly disclosed vulnerability that has also been actively weaponized to drop a PHP-based web shell on 354 unique hosts, Censys said in an independent advisory.

The bug, tracked as CVE-2023-22952, concerns a case of missing input validation that could result in injection of arbitrary PHP code. It has been addressed in SugarCRM versions 11..5 and 12..2.

In the attacks detailed by Censys, the web shell is used as a conduit to execute additional commands on the infected machine with the same permissions as the user running the web service. A majority of the infections have been reported in the U.S., Germany, Australia, France, and the U.K.

It is not uncommon for malicious actors to capitalize on newly disclosed vulnerabilities to carry out their attacks, making it imperative that users move quickly to plug the security holes.



Some parts of this article are sourced from:
thehackernews.com
