Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a...

Cacti 操作系统命令注入漏洞

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti suffers from an operating system command injection vulnerability that...

CVE-2017-5257

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or guesses the SNMP read/write RW community string can insert XSS strings in certain SNMP OIDs which will execute in the context of the currently-logged on user...