Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-14295 — SQL Injection in Cacti

CWE-89 — SQL Injection11 documents8 sources

Severity

7.2HIGHNVD

OSV4.3

EPSS

81.2%

top 0.83%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cacti Debian Cacti Fedoraproject Fedora

Timeline

PublishedJun 17

Latest updateJun 9

Description

A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/cacti< cacti 1.2.13+ds1-1 (bookworm)

▶Debiancacti/cacti< 1.2.13+ds1-1+3

▶Ubuntucacti/cacti< 0.8.8f+ds1-4ubuntu4.16.04.2+esm1+2

▶NVDcacti/cacti1.2.12

Also affects: Fedora 31, 32

🔴Vulnerability Details

OSV

cacti vulnerabilities↗2022-06-09

▶

GHSA

GHSA-rwpv-9gq4-x5g3: A SQL injection issue in color↗2022-05-24

▶

OSV

CVE-2020-14295: A SQL injection issue in color↗2020-06-17

▶

💥Exploits & PoCs

Exploit-DB

Cacti 1.2.12 - 'filter' SQL Injection↗2021-04-29

▶

Metasploit

Cacti color filter authenticated SQLi to RCE↗

▶

📋Vendor Advisories

Ubuntu

Cacti vulnerabilities↗2022-06-09

▶

Debian

CVE-2020-14295: cacti - A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL...↗2020

▶

💬Community

Bugzilla

CVE-2020-14295 cacti: SQL injection in color.php can lead to remote command execution↗2020-06-19

▶

Bugzilla

CVE-2020-14295 cacti: SQL injection in color.php can lead to remote command execution [epel-all]↗2020-06-19

▶

Bugzilla

CVE-2020-14295 cacti: SQL injection in color.php can lead to remote command execution [fedora-all]↗2020-06-19

▶