CVE-2023-50250

Name of the Vulnerable Software and Affected Versions Cacti version 1.2.25

Description The issue is related to insufficient protection of the web page structure in the Cacti network monitoring tool. This allows a remote attacker to conduct cross-site scripting attacks and gain unauthorized access to read, modify, or delete data. The vulnerability is found in the templates import.php file and can be exploited when uploading an XML template file that does not pass the check, resulting in a JavaScript pop-up prompt with an unfiltered XML template file name, leading to XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users, potentially leading to unauthorized changes to settings.

Recommendations As a temporary workaround, consider disabling the templates import.php function until a patch is available. Restrict access to the templates import.php file to minimize the risk of exploitation. Avoid using unfiltered XML template file names in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.