CVE-2022-46169 – Cacti Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. • https://www.exploit-db.com/exploits/51166 https://github.com/0xf4n9x/CVE-2022-46169 https://github.com/sAsPeCt488/CVE-2022-46169 https://github.com/FredBrave/CVE-2022-46169-CACTI-1.2.22 https://github.com/c3rrberu5/CVE-2022-46169 https://github.com/Inplex-sys/CVE-2022-46169 https://github.com/taythebot/CVE-2022-46169 https://github.com/Habib0x0/CVE-2022-46169 https://github.com/ruycr4ft/CVE-2022-46169 https://github.com/a1665454764/CVE-2022-46169 https://github& • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-863: Incorrect Authorization •
CVE-2021-23225
https://notcve.org/view.php?id=CVE-2021-23225
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php. Cacti versión 1.1.38, permite a usuarios autenticados con permisos de administración de usuarios inyectar un script web o HTML arbitrario en el campo "new_username" durante la creación de un nuevo usuario por medio del método "Copy" en el archivo user_admin.php • https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html https://www.cacti.net/info/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-3816
https://notcve.org/view.php?id=CVE-2021-3816
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php. Cacti versión 1.1.38, permite a usuarios autenticados con permisos de administración de usuarios inyectar HTML arbitrario en el campo group_prefix durante la creación de un nuevo grupo por medio del método "Copy" en el archivo user_group_admin.php • https://www.cacti.net/info/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-14424
https://notcve.org/view.php?id=CVE-2020-14424
Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme. Cacti versiones anteriores a 1.2.18, permite a atacantes remotos desencadenar un ataque de tipo XSS por medio de la importación de plantillas para el tema midwinter • https://bugzilla.redhat.com/show_bug.cgi?id=2001016 https://github.com/Cacti/cacti/pull/4261 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-13231
https://notcve.org/view.php?id=CVE-2020-13231
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. En Cacti versiones anteriores a 1.2.11, auth_profile.php?action=edit permite un ataque de tipo CSRF para un cambio de correo electrónico de administrador. • https://github.com/Cacti/cacti/issues/3342 https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B • CWE-352: Cross-Site Request Forgery (CSRF) •