Critical Cacti Vulnerabilities Addressed in Latest Update

Rohan Timalsina

May 29, 2024 - TuxCare expert team

Cacti is a popular open-source platform for monitoring network health and performance. Several vulnerabilities were discovered in Cacti and have been patched in the latest version, 1.2.27. This update is crucial for users relying on Cacti for network performance tracking and issue resolution.

Overview of Cacti Vulnerabilities

Cacti developers fixed 12 security issues, including two critical ones (CVE-2024-25641 and CVE-2024-29895). These vulnerabilities could grant attackers remote code execution, giving them complete control over affected systems.

CVE-2024-25641 (CVSS score: 9.1): This is an arbitrary file write flaw in the “Package Import” feature. It allows authenticated users with the “Import Templates” permission to write malicious PHP code anywhere on the server. By exploiting this flaw, attackers can achieve remote code execution and take control of the server.

CVE-2024-29895 (CVSS score: 10.0): This command injection vulnerability allows any unauthenticated user to execute arbitrary commands on the server if the “register_argc_argv” option in PHP is “On”.

Cacti has also addressed two other high-severity vulnerabilities that could lead to code execution:

CVE-2024-31445 (CVSS score: 8.8): This SQL injection vulnerability exists in the api_automation.php file. It enables authenticated users to escalate their privileges and execute code remotely. By manipulating SQL queries, an attacker can gain unauthorized access and potentially control the system.

CVE-2024-31459 (CVSS score: N/A): This file inclusion issue in the lib/plugin.php file can be chained with the SQL injection vulnerabilities to achieve remote code execution. File inclusion flaws of this kind let an attacker include files from external sources or user-controlled input without proper validation, allowing them to access sensitive information, execute arbitrary code, or compromise the server.

Don’t Wait, Update Now

Out of the twelve addressed vulnerabilities, ten impacted all versions of Cacti before 1.2.27. The latest stable version, 1.2.27, released on May 13, 2024, addresses all these vulnerabilities. The remaining two flaws (CVE-2024-29895 and CVE-2024-30268) impact development version 1.3.x.

Given the availability of proof-of-concept (PoC) exploits for these vulnerabilities, it is highly recommended that users immediately update their Cacti instances to the latest version (1.2.27). Keeping Cacti updated is essential to mitigate security risks and ensure robust network monitoring and management.
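
As an added example (not code from the article or from the Cacti project), a small Python triage helper turns the conditions above into a check: it reads a Cacti version string (assumed to come from the install's include/cacti_version file) and a php.ini excerpt, and reports which of the advisories named in this article still apply, treating CVE-2024-29895 as mitigated when register_argc_argv is Off. The version string and php.ini contents below are constructed samples.

```python
import re

# Stable release the article names as fixing the ten 1.2.x issues.
PATCHED_STABLE = (1, 2, 27)

def parse_version(text):
    """Parse a Cacti version such as '1.2.26' or '1.3.0-dev' into a numeric
    tuple. Assumed input: the contents of include/cacti_version."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised Cacti version: {text!r}")
    return tuple(int(x) if x else 0 for x in m.groups())

def register_argc_argv_enabled(php_ini_text):
    """True if register_argc_argv is enabled in the given php.ini text.
    PHP accepts On/1/true/yes as enabled; ';' starts a comment and a
    later assignment overrides an earlier one."""
    enabled = False
    for raw in php_ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        m = re.match(r"register_argc_argv\s*=\s*(\S*)", line, re.I)
        if m:
            enabled = m.group(1).strip('"').lower() in ("on", "1", "true", "yes")
    return enabled

def exposure(version_text, php_ini_text):
    """Return the advisory items from the article that apply to an instance."""
    nums = parse_version(version_text)
    findings = []
    if nums < PATCHED_STABLE:  # every release before 1.2.27 carries the ten
        findings += ["CVE-2024-25641", "CVE-2024-31445", "CVE-2024-31459",
                     "upgrade to 1.2.27 for the remaining 1.2.x fixes"]
    if nums[:2] == (1, 3):  # development branch carries the other two
        findings.append("CVE-2024-30268")
        if register_argc_argv_enabled(php_ini_text):
            findings.append("CVE-2024-29895")
        else:
            findings.append("CVE-2024-29895 (register_argc_argv is Off)")
    return findings

# Constructed sample inputs, not taken from a real install.
SAMPLE_VERSION = "1.2.26\n"
SAMPLE_PHP_INI = "; php.ini excerpt\nregister_argc_argv = On ; used by CLI tools\n"

if __name__ == "__main__":
    for item in exposure(SAMPLE_VERSION, SAMPLE_PHP_INI):
        print(item)
```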

The sources for this article include a story from TheHackerNews.
