Cacti Command Injection Vulnerability - 20230217002

Overview

Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.

What is the vulnerability?

Cacti Command Injection Vulnerability CVE-2022-46169

What is vulnerable?

The vulnerability resides in the remote_agent.php file, which can be accessed without authentication. To verify that the client is allowed, the function remote_client_authorized is called.

Note: https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
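
Because remote_agent.php is reachable without authentication, web server access logs are a practical place to check who has been requesting it. The following is an added example, not code from Cacti or from this advisory: it flags requests to remote_agent.php from clients outside a list of known pollers. The poller networks, the log format (common/combined) and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: networks of the legitimate Cacti pollers (constructed values).
ALLOWED_POLLERS = [ipaddress.ip_network("10.0.5.0/28"), ipaddress.ip_network("127.0.0.1/32")]

# Common/combined log format: client ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample access log, not taken from a real system.
SAMPLE_LOG = """\
10.0.5.3 - - [17/Feb/2023:09:14:02 +0800] "GET /cacti/remote_agent.php HTTP/1.1" 200 12
203.0.113.40 - - [17/Feb/2023:09:15:10 +0800] "GET /cacti/remote_agent.php?q=1 HTTP/1.1" 200 48
203.0.113.40 - - [17/Feb/2023:09:15:11 +0800] "GET /cacti/index.php HTTP/1.1" 200 5120
not a log line
198.51.100.7 - - [17/Feb/2023:09:16:45 +0800] "GET /cacti/remote_agent.php HTTP/1.1" 403 199
"""


def is_allowed(client):
    """True if the logged client address belongs to a known poller network."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # hostname or malformed value: treat as unknown
    return any(addr in net for net in ALLOWED_POLLERS)


def find_unexpected_agent_requests(log_text):
    """Return (client, time, status) for remote_agent.php hits from unknown clients."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = urlsplit(m["target"]).path  # drop the query string before matching
        if not path.endswith("/remote_agent.php"):
            continue
        if not is_allowed(m["client"]):
            hits.append((m["client"], m["time"], m["status"]))
    return hits


if __name__ == "__main__":
    for hit in find_unexpected_agent_requests(SAMPLE_LOG):
        print(*hit)
```

The client field is the address the web server saw, so behind a reverse proxy or load balancer the check has to run on that device's logs instead.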

What has been observed?

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Recommendation

Apply updates per vendor instructions.