CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48547
https://notcve.org/view.php?id=CVE-2022-48547
A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php. • https://github.com/Cacti/cacti/issues/1882 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37543
https://notcve.org/view.php?id=CVE-2023-37543
Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. Cacti anterior a 1.2.6 permite IDOR (Referencia directa a objetos inseguros) para acceder a cualquier gráfico a través de un parámetro local_graph_id modificado en graph_xport.php. Esta es una vulnerabilidad diferente a CVE-2019-16723. • https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 9.8EPSS: 96%CPEs: 1EXPL: 27CVE-2022-46169 – Cacti Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. • https://www.exploit-db.com/exploits/51166 https://github.com/0xf4n9x/CVE-2022-46169 https://github.com/sAsPeCt488/CVE-2022-46169 https://github.com/FredBrave/CVE-2022-46169-CACTI-1.2.22 https://github.com/c3rrberu5/CVE-2022-46169 https://github.com/Inplex-sys/CVE-2022-46169 https://github.com/taythebot/CVE-2022-46169 https://github.com/Habib0x0/CVE-2022-46169 https://github.com/ruycr4ft/CVE-2022-46169 https://github.com/a1665454764/CVE-2022-46169 https://github& • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26247
https://notcve.org/view.php?id=CVE-2021-26247
As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter. Como usuario remoto no autenticado, visita "http:///auth_changepassword.php?ref=" para ejecutar con éxito la carga útil de JavaScript presente en el parámetro "ref" de la URL • https://www.cacti.net/info/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-23225
https://notcve.org/view.php?id=CVE-2021-23225
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php. Cacti versión 1.1.38, permite a usuarios autenticados con permisos de administración de usuarios inyectar un script web o HTML arbitrario en el campo "new_username" durante la creación de un nuevo usuario por medio del método "Copy" en el archivo user_admin.php • https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html https://www.cacti.net/info/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •