Fedora 37 : cacti / cacti-spine (2023-788d505ddc)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-788d505ddc advisory. - Update to 1.2.23 - CVE-46169 Release notes: https://www.cacti.net/info/changelog/1.2.23 Tenable has extracted the preceding description block...

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 CVE-2022-46169 is a security vulnerability fou...

openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2023:0025-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0025-1 advisory. - Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected...

Command injection

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

CVE-2022-46169

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

[ASA-201712-2] cacti: multiple issues

Arch Linux Security Advisory ASA-201712-2 ========================================= Severity: High Date : 2017-12-02 CVE-ID : CVE-2017-16641 CVE-2017-16660 CVE-2017-16661 CVE-2017-16785 Package : cacti Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-537 Summary =====...

FreeBSD : cacti -- multiple vulnerabilities (db570002-ce06-11e7-804e-c85b763a2f96)

cacti reports : Changelog issue1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue1066: CVE-2017-16660 in remoteagent.php logging function issue1066: CVE-2017-16661 in view log file issue1071: CVE-2017-16785 in globalsession.php Reflection XSS %NASLMINLEVEL 70300 C Tenable...

Remote code execution

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

CVE-2017-16660

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...