CVE-2023-39362
Authenticated command injection in SNMP options of a Device
- Public Exploits: 4
- Exploited in Wild: -
Descriptions
Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user can supply a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept some variables as input and place them into an `exec` call without proper escaping or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
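The defect class the description names, as an added illustration in PHP (not Cacti's code; the function names, the `snmpwalk` invocation and the sample values are assumed): the unescaped concatenation of device SNMP options into a shell command, beside a hardened builder that allowlists fixed-choice fields and quotes free-form ones.

```php
<?php
// Added illustrative example, not Cacti's code. Shows the pattern described above
// (device SNMP options concatenated into an exec() command without escaping) next
// to a hardened builder. Function names and the snmpwalk command line are assumed.

// Vulnerable pattern: values from the device form reach the shell unescaped, so
// shell metacharacters in any option become part of the command.
function build_snmpwalk_unsafe(string $host, string $community, string $version, string $oid): string
{
    return "snmpwalk -v $version -c $community $host $oid";
}

// Hardened pattern: allowlist fixed-choice fields, quote everything free-form.
function build_snmpwalk_safe(string $host, string $community, string $version, string $oid): string
{
    // SNMP version is a fixed choice; reject anything outside the allowlist.
    if (!in_array($version, ['1', '2c', '3'], true)) {
        throw new InvalidArgumentException('unsupported SNMP version');
    }
    // OIDs are digits and dots (or a MIB name); a strict pattern is simpler than quoting.
    if (!preg_match('/^[A-Za-z0-9.\-:]+$/', $oid)) {
        throw new InvalidArgumentException('malformed OID');
    }
    // escapeshellarg() wraps the value in single quotes and escapes embedded quotes,
    // so metacharacters in a community string or hostname are passed as literal data.
    return 'snmpwalk -v ' . $version
         . ' -c ' . escapeshellarg($community)
         . ' '    . escapeshellarg($host)
         . ' '    . $oid;
}

// Constructed sample: a community string carrying a shell metacharacter.
$community = 'public; true';
$host      = '192.0.2.10';               // documentation address (RFC 5737)
$oid       = '1.3.6.1.2.1.1.1.0';        // sysDescr.0

echo build_snmpwalk_unsafe($host, $community, '2c', $oid), "\n";  // ';' splits the command
echo build_snmpwalk_safe($host, $community, '2c', $oid), "\n";    // ';' stays inside quotes
```

Quoting is the minimal fix for this class; where the PHP SNMP extension is available, calling `snmpwalk()` directly removes the shell from the path entirely.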
CVSS Scores
SSVC
- Decision: -
Timeline
- 2023-07-28 CVE Reserved
- 2023-09-05 CVE Published
- 2023-10-09 First Exploit
- 2024-08-19 CVE Updated
- 2024-11-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (9)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Cacti | Cacti | < 1.2.25 | - | Affected
Fedoraproject | Fedora | 37 | - | Affected
Fedoraproject | Fedora | 38 | - | Affected