Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-39362OS Command Injection in Cacti

CWE-78OS Command InjectionCWE-77Command Injection4 documents4 sources
Severity
7.2HIGHNVD
EPSS
87.2%
top 0.55%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
CactiDebian CactiFedoraproject Fedora
Timeline
PublishedSep 5
Latest updateOct 9

Description

Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue h

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages3 packages

NVDcacti/cacti< 1.2.25
debiandebian/cacti< cacti 1.2.24+ds1-1+deb12u1 (bookworm)
Debiancacti/cacti< 1.2.16+ds1-2+deb11u2+3

Also affects: Fedora 37, 38

🔴Vulnerability Details

1
OSV
CVE-2023-39362: Cacti is an open source operational monitoring and fault management framework2023-09-05

💥Exploits & PoCs

1
Exploit-DB
Cacti 1.2.24 - Authenticated command injection when using SNMP options2023-10-09

📋Vendor Advisories

1
Debian
CVE-2023-39362: cacti - Cacti is an open source operational monitoring and fault management framework. I...2023