Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code

May 14, 2024

The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code.

The most severe of the vulnerabilities are outlined below –

  • CVE-2024-25641 (CVSS score: 9.1) – An arbitrary file write vulnerability in the “Package Import” feature that allows authenticated users holding the “Import Templates” permission to execute arbitrary PHP code on the web server, resulting in remote code execution
  • CVE-2024-29895 (CVSS score: 10.0) – A command injection vulnerability that allows any unauthenticated user to execute arbitrary commands on the server when the “register_argc_argv” option of PHP is On

Also addressed by Cacti are two other high-severity flaws that could lead to code execution by way of SQL injection and file inclusion –

  • CVE-2024-31445 (CVSS score: 8.8) – An SQL injection vulnerability in api_automation.php that permits authenticated users to perform privilege escalation and remote code execution
  • CVE-2024-31459 (CVSS score: N/A) – A file inclusion issue in the “lib/plugin.php” file that could be combined with SQL injection vulnerabilities to result in remote code execution

It is worth noting that 10 out of the 12 flaws, with the exception of CVE-2024-29895 and CVE-2024-30268 (CVSS score: 6.1), affect all versions of Cacti up to and including 1.2.26. They have been addressed in version 1.2.27, released on May 13, 2024. The two other flaws affect the development versions 1.3.x.
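A defender-side triage helper, added here as an illustration and not code from Cacti or the article's source, that maps an installed Cacti version and the host's PHP `register_argc_argv` setting onto the CVEs named above using the affected ranges the article states (the `php -i` sample it parses is constructed, not captured from a real host):

```python
"""Triage a Cacti install against the flaws described above (added example)."""
import re
from typing import List, Tuple

# Affected ranges as stated in the article; the CVE lists are limited to the
# identifiers the article names, not the full set of twelve fixes.
PRE_1_2_27_CVES = ["CVE-2024-25641", "CVE-2024-31445", "CVE-2024-31459"]
FIXED_VERSION = (1, 2, 27)


def parse_version(text: str) -> Tuple[int, ...]:
    """'1.2.26' -> (1, 2, 26); a suffix such as '1.3.0-dev' is ignored."""
    core = text.strip().split("-")[0]
    return tuple(int(p) for p in core.split("."))


def register_argc_argv_enabled(php_info: str) -> bool:
    """Read register_argc_argv from `php -i` output ('name => Local => Master')."""
    m = re.search(r"^register_argc_argv\s*=>\s*(\w+)", php_info, re.M)
    return bool(m) and m.group(1).lower() == "on"


def assess_cacti(version: str, php_info: str) -> List[str]:
    """Return the article's CVEs that apply to this version and PHP config."""
    v = parse_version(version)
    findings: List[str] = []
    # Ten flaws affect every release up to 1.2.26; 1.2.27 carries the fixes.
    if v < FIXED_VERSION:
        findings.extend(PRE_1_2_27_CVES)
    # The remaining two affect the 1.3.x development line only.
    if v[:2] == (1, 3):
        findings.append("CVE-2024-30268")
        # The command injection is only reachable when register_argc_argv is On.
        if register_argc_argv_enabled(php_info):
            findings.append("CVE-2024-29895")
    return findings


# Constructed sample of `php -i` output for demonstration; not from a real host.
SAMPLE_PHP_INFO = "...\nregister_argc_argv => On => On\nregister_globals => Off => Off\n"

if __name__ == "__main__":
    for ver in ("1.2.26", "1.2.27", "1.3.0-dev"):
        print(ver, assess_cacti(ver, SAMPLE_PHP_INFO))
```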

The development comes more than eight months after the disclosure of another critical SQL injection vulnerability (CVE-2023-39361, CVSS score: 9.8) that could allow an attacker to obtain elevated permissions and execute malicious code.

In early 2023, a third critical flaw tracked as CVE-2022-46169 (CVSS score: 9.8) came under active exploitation in the wild, allowing threat actors to breach internet-exposed Cacti servers to deliver botnet malware such as MooBot and ShellBot.

With proof-of-concept (PoC) exploits publicly available for these shortcomings (in the respective GitHub advisories), it is recommended that users take steps to update their instances to the latest version as soon as possible to mitigate potential threats.


Some sections of this article are sourced from:
thehackernews.com
