Fedora 37 : cacti / cacti-spine (2023-788d505ddc)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-788d505ddc advisory. - Update to 1.2.23 - CVE-46169 Release notes: https://www.cacti.net/info/changelog/1.2.23 Tenable has extracted the preceding description block...

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 CVE-2022-46169 is a security vulnerability fou...

openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2023:0025-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0025-1 advisory. - Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected...

The vulnerability of the implementation of the remote_agent.php script in the network monitoring software Cacti allows a perpetrator to execute arbitrary commands.

The vulnerability of the remoteagent.php script implementation of the Cacti network monitoring software is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

Command injection

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

CVE-2022-46169

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

[ASA-201712-2] cacti: multiple issues

Arch Linux Security Advisory ASA-201712-2 ========================================= Severity: High Date : 2017-12-02 CVE-ID : CVE-2017-16641 CVE-2017-16660 CVE-2017-16661 CVE-2017-16785 Package : cacti Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-537 Summary =====...

FreeBSD : cacti -- multiple vulnerabilities (db570002-ce06-11e7-804e-c85b763a2f96)

cacti reports : Changelog issue1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue1066: CVE-2017-16660 in remoteagent.php logging function issue1066: CVE-2017-16661 in view log file issue1071: CVE-2017-16785 in globalsession.php Reflection XSS %NASLMINLEVEL 70300 C Tenable...

CVE-2017-16660

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

Remote code execution

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...