Multiple vulnerabilities in Cacti
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 18 |
| CVE-ID | CVE-2023-39366 CVE-2023-39360 CVE-2023-39361 CVE-2023-39357 CVE-2023-39364 CVE-2023-39358 CVE-2023-39359 CVE-2023-39362 CVE-2023-39510 CVE-2023-30534 CVE-2023-39365 CVE-2023-39512 CVE-2023-39513 CVE-2023-39514 CVE-2023-39515 CVE-2023-39516 CVE-2023-31132 CVE-2023-39511 |
| CWE-ID | CWE-79 CWE-89 CWE-601 CWE-78 CWE-502 CWE-276 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #8 is available. |
| Vulnerable software |
Cacti Web applications / Other software |
| Vendor | The Cacti Group, Inc. |
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
1) Stored cross-site scripting
EUVDB-ID: #VU80431
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39366
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in data_sources.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cross-site scripting
EUVDB-ID: #VU80423
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39360
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data passed to graphs_new.php. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) SQL injection
EUVDB-ID: #VU80424
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-39361
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the grow_right_pane_tree() function in graph_view.php. A remote non-authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) SQL injection
EUVDB-ID: #VU80425
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39357
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the sql_save() function. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Open redirect
EUVDB-ID: #VU80426
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39364
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data passed via the "ref" parameter to auth_changepassword.php. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) SQL injection
EUVDB-ID: #VU80427
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39358
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the ajax_get_branches() function in reports_user.php. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) SQL injection
EUVDB-ID: #VU80428
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39359
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in graphs.php. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) OS Command Injection
EUVDB-ID: #VU80429
Risk: Medium
CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2023-39362
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in lib/snmp.php. A remote user attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
9) Sored cross-site scripting
EUVDB-ID: #VU80432
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39510
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in reports_admin.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Install updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Deserialization of Untrusted Data
EUVDB-ID: #VU80440
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-30534
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the host_new_graphs_save() function in graphs_new.php. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) SQL injection
EUVDB-ID: #VU80433
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39365
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data when using regular expression within the graph_view and link endpoints. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22
https://www.zerodayinitiative.com/advisories/ZDI-23-1500/
https://www.zerodayinitiative.com/advisories/ZDI-23-1499/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Stored cross-site scripting
EUVDB-ID: #VU80434
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39512
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in data_sources.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Stored cross-site scripting
EUVDB-ID: #VU80435
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39513
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in host.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Stored cross-site scripting
EUVDB-ID: #VU80436
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39514
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in graphs.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Stored cross-site scripting
EUVDB-ID: #VU80437
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39515
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in data_debug.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Install updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Stored cross-site scripting
EUVDB-ID: #VU80438
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39516
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in data_sources.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Incorrect default permissions
EUVDB-ID: #VU80439
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31132
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions set for web document directory. A local user with create an arbitrary PHP file in the directory and execute it on the system.
Note, the vulnerability affects Windows installations only.
Install updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Stored cross-site scripting
EUVDB-ID: #VU80508
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39511
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in reports_admin.php. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Install updates from vendor's website.
Vulnerable software versionsCacti: 1.2.0 beta1 - 1.2.24
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.2.0:beta3:*:*:*:*:*:*
https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
