3268 matches found
Cacti v1.2.8 - Remote Code Execution
Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...
Cacti < 1.2.25 Insecure Deserialization
Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. id: CVE-2023-30534 info: name: Cacti 1.2.25 Insecure Deserialization author: k0pak4 severity: medium description: | Cacti is an open source...
Cacti - Cross-Site Scripting
Cacti contains a cross-site scripting vulnerability via "http:///authchangepassword.php?ref=alert1" which can successfully execute the JavaScript payload present in the "ref" URL parameter. id: CVE-2021-26247 info: name: Cacti - Cross-Site Scripting author: dhiyaneshDK severity: medium descriptio...
Cacti cmd_realtime.php - Command Injection
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...
CVE-2026-40079
Cacti (WEB UI) vulnerabilities CVE-2026-40079: Versions
CVE-2026-39900
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the authprofile.php JavaScript context. This issue has been fixed in version 1.2.31...
CVE-2026-39951
CVE-2026-39951 affects Cacti versions 1.2.30 and earlier, exposing a Stored SQL Injection through graph_name_regexp in the Reports feature. The vulnerability is fixed in version 1.2.31. Public references confirm the issue and include a fix commit and security advisory link. No exploitation detail...
CVE-2026-39948
Cacti
CVE-2026-39948 Cacti has SQL Injection via rfilter parameter in RLIKE clauses
Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via the raw accessor grv rather than gfrv with FILTERVALIDATEISREGEX validation and concatenated directly into RLIKE SQL clauses in lib/htmlgraph.php and...
CVE-2026-39955
CVE-2026-39955 affects Cacti up to version 1.2.30, with a pre-authentication SQL injection caused by an unanchored FILTER_VALIDATE_REGEXP in graph_view.php. The issue is fixed in version 1.2.31. Impact centers on unauthorized access to potentially sensitive data before authentication; exploitatio...
CVE-2026-39900 Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the authprofile.php JavaScript context. This issue has been fixed in version 1.2.31...
CVE-2026-39900
Cacti versions 1.2.30 and earlier are vulnerable to a Reflected XSS via the tab parameter in the auth_profile.php JavaScript context. The issue is fixed in version 1.2.31. CVSS 4.0 base score 5.3 (Medium) with network vector, low attack complexity, no privileges required, and user interaction req...
CVE-2026-39897 Cacti has a Reflected XSS Vulnerability via html_auth_footer
Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the htmlauthfooter. This issue has been fixed in version 1.2.31...
CVE-2026-39894
CVE-2026-39894 affects Cacti (≤ 1.2.30). Locale-dependent decimal formatting in rrdtool_function_update() uses PHP string interpolation for metric values after is_numeric(), so a value like 1.5 may be rendered as 1,5 under LC_NUMERIC with a comma decimal. RRDtool expects a dot, causing metric dat...
CVE-2026-39894 Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting
Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtoolfunctionupdate can corrupt RRDtool metric values. The rrdtoolfunctionupdate function checks metric values with isnumeric and concatenates them into t...
PT-2026-52138
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. A pre-authentication SQL Injection exists in the 'graph view.php' endpoint due to an unanchored FILTER VALIDATE REGEXP. SQL Injectio...
PT-2026-52135
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Reflected Cross-Site Scripting XSS occurs in the JavaScript context of the 'auth profile.php' endpoint through the tab parameter. Reflected XSS is a type of attack where a malicious script is reflecte...
PT-2026-52137
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description An unauthenticated attacker can inject arbitrary SQL to compromise the confidentiality, integrity, and availability of the database. This occurs because the rfilter request parameter is retrieved via...
Cacti 1.2.24 - SQL Injection
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...
Cacti <=1.2.22 - Remote Command Injection
Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS...