Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-49084 — PHP Remote File Inclusion in Cacti

CWE-98 — PHP Remote File Inclusion4 documents4 sources

Severity

8.8HIGHNVD

EPSS

88.3%

top 0.50%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cacti Debian Cacti

Timeline

PublishedDec 21

Description

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/cacti< cacti 1.2.24+ds1-1+deb12u2 (bookworm)

▶Debiancacti/cacti< 1.2.16+ds1-2+deb11u3+3

▶CVEListV5cacti/cacti= 1.2.25

▶NVDcacti/cacti1.2.25

🔴Vulnerability Details

OSV

CVE-2023-49084: Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB)↗2023-12-21

▶

💥Exploits & PoCs

Metasploit

Cacti RCE via SQLi in pollers.php↗

▶

📋Vendor Advisories

Debian

CVE-2023-49084: cacti - Cacti is a robust performance and fault management framework and a frontend to R...↗2023

▶