EUVD-2017-7963

Malware in sbrugna...

CVE-2025-22604 Cacti has Authenticated RCE via multi-line SNMP responses

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ssnetsnmpdiskio or ssnetsnmpdiskbytes, a part of each OID will be used as a key in an array that is...

PT-2025-1299

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.29 Cacti versions prior to 1.2.24+ds1-1+deb12u5 Cacti versions prior to 1.2.16+ds1-2+deb11u5 Description Cacti, a web interface for graphing of monitoring systems, contains a flaw in its multi-line SNMP result parse...

CVE-2014-5261

The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...