CVE-2023-49084

Local File Inclusion (RCE) in Cacti

CVSS 8.1 HIGH · EPSS 63.8% · CWE-98
In short

Cacti, a monitoring tool, has a vulnerability that lets an authenticated user include malicious files and run arbitrary code on the server. This happens because the application does not properly validate file paths before including files.

Technical detail

CVE-2023-49084 stems from insufficient path validation in Cacti's link.php, which, combined with a SQL injection, allows local file inclusion (LFI) leading to remote code execution. An authenticated attacker can manipulate the include-file parameters to load and execute arbitrary code on the server. The vulnerability requires valid credentials but allows full system compromise.

Summary generated and translated by AI from the official description.
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability: execution of arbitrary code on the server.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Cacti · cacti
