012Git012

**Name of the Vulnerable Software and Affected Versions** Cacti versions 1.2.25 and prior **Description** The issue is related to a lack of protection in the SQL query structure of the Cacti network monitoring tool, specifically in the `pollers.php` script. This allows an authorized user to execute arbitrary SQL code, potentially leading to the execution of arbitrary code by a remote attacker. The vulnerable component is the `pollers.php` script. The impact of this issue is the execution of arbitrary SQL code. **Recommendations** For versions 1.2.25 and prior, consider disabling the `pollers.php` script as a temporary workaround until a patch is available. Restrict access to the `pollers.php` script to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cacti (affected versions not specified) **Description** The issue is related to incorrect handling of file names for PHP include or require functions in the link.php component, allowing an attacker to execute arbitrary code on the server. This can be achieved through SQL Injection and insufficient processing of the include file path. The exploitation of this issue is possible for an authorized user, and its impact is the execution of arbitrary code on the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cacti versions prior to 1.2.27 **Description** The issue is related to the lack of protection of the web page structure, allowing a remote attacker to conduct a cross-site scripting (XSS) attack and execute arbitrary code. The vulnerable component is the `graphs new.php` file. Exploitation of the vulnerability is possible for an authorized user, leading to the execution of arbitrary JavaScript code in the attacked user's browser. **Recommendations** For versions prior to 1.2.27, update to version 1.2.27 to resolve the issue. As a temporary workaround, consider restricting access to the `graphs new.php` file until the update is applied.

**Nome do software vulnerável e versões afetadas** Versões do Cacti anteriores à 1.2.27 **Descrição** O Cacti fornece uma estrutura de monitoramento operacional e gerenciamento de falhas. Existe uma vulnerabilidade de inclusão de arquivo no arquivo `lib/plugin.php`, especificamente na função `api plugin hook()`, que lê as tabelas `plugin hooks` e `plugin config` no banco de dados. Os dados lidos são usados diretamente para concatenar o caminho do arquivo, que é utilizado para a inclusão do arquivo. Combinado com vulnerabilidades de injeção de SQL, é possível executar código remotamente. **Recomendações** Para versões anteriores à 1.2.27, atualize para a versão 1.2.27 ou posterior, que contém um patch para o problema. Como solução temporária, considere desativar a função `api plugin hook()` no arquivo `lib/plugin.php` até que um patch esteja disponível. Restrinja o acesso ao arquivo `lib/plugin.php` para minimizar o risco de exploração.