Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

2025-01-29 10:21

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0. "Due to a flaw in the multi-line SNMP result parser, authenticated users can inject

News URL

https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html

#cacti #codeexecution #critical #CVE #remote #security #CVE-2025-22604

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-27	CVE-2025-22604	OS Command Injection vulnerability in Cacti Cacti is an open source performance and fault management framework. network low complexity cacti CWE-78	7.2

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cacti		1	0	54	35	6	95

News URL

Related news

Related Vulnerability

Related vendor