Linux Distros Unpatched Vulnerability : CVE-2023-49085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the...

The vulnerability of the microprogrammed software of the BUFFALO VR-S1000 routers lies in the lack of measures to neutralize the special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary commands of the operating system.

The vulnerability of the Cacti network monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pollers.php script...

SUSE CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

PT-2023-8526 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions affected versions not specified VR-S1000 firmware versions prior to 2.42 Description: The issue is related to a lack of protection in the SQL query structure in Cacti, and in VR-S1000 firmware, it allows an attacker with access...

PT-2023-8525 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.25 and prior Description: The issue is related to a lack of protection in the SQL query structure of the Cacti network monitoring tool, specifically in the pollers.php script. This allows an authorized user to execute...