cacti -- SQL injection and command execution vulnerabilities

ID 5198EF84-4FDC-11DF-83FB-0015587E2CC1
Type freebsd
Reporter FreeBSD
Modified 2013-06-16T00:00:00


Bonsai information security reports:

A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the "export_item_id" parameter to "templates_export.php" script is not properly sanitized before being used in a SQL query.

The same source also reported a command execution vulnerability. This second issue can be exploited by Cacti users who have the rights to modify device or graph configurations.