Page 9 of 143 results (0.012 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password. • https://docs.cacti.net/Settings-Auth-LDAP.md https://github.com/Cacti/cacti/issues/5189 • CWE-863: Incorrect Authorization •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php. • https://github.com/Cacti/cacti/issues/1882 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. Cacti anterior a 1.2.6 permite IDOR (Referencia directa a objetos inseguros) para acceder a cualquier gráfico a través de un parámetro local_graph_id modificado en graph_xport.php. Esta es una vulnerabilidad diferente a CVE-2019-16723. • https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 9.8EPSS: 96%CPEs: 1EXPL: 26

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. • https://www.exploit-db.com/exploits/51166 https://github.com/0xf4n9x/CVE-2022-46169 https://github.com/sAsPeCt488/CVE-2022-46169 https://github.com/FredBrave/CVE-2022-46169-CACTI-1.2.22 https://github.com/c3rrberu5/CVE-2022-46169 https://github.com/Inplex-sys/CVE-2022-46169 https://github.com/taythebot/CVE-2022-46169 https://github.com/Habib0x0/CVE-2022-46169 https://github.com/ruycr4ft/CVE-2022-46169 https://github.com/a1665454764/CVE-2022-46169 https://github& • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-863: Incorrect Authorization •

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. Bajo determinadas condiciones de ldap, la autenticación de Cacti puede ser omitida con determinados tipos de credenciales • https://github.com/Cacti/cacti/issues/4562 https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJ • CWE-287: Improper Authentication •