CVE-2023-51448

Name of the Vulnerable Software and Affected Versions Cacti version 1.2.25

Description Cacti provides an operational monitoring and fault management framework. A Blind SQL Injection vulnerability exists within the SNMP Notification Receivers feature in the file managers.php. An authenticated attacker with the "Settings/Utilities" permission can send a crafted HTTP GET request to the endpoint /cacti/managers.php with an SQLi payload in the selected graphs array HTTP GET parameter. The vulnerability could lead to information disclosure and potentially remote code execution. Approximately 60,887 devices are potentially affected, mainly distributed in the United States, China, and other countries.

Recommendations As a temporary workaround, consider disabling the selected graphs array parameter in the /cacti/managers.php endpoint until a patch is available. Restrict access to the managers.php file to minimize the risk of exploitation. Avoid using the selected graphs array parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.