PT-2024-3804 · Cacti+3

Ishgard-2

Published: 2023-07-13 · Updated: 2025-01-24 · CVE-2024-31458

CVSS v3.1: 8.0 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.27

Description: The issue is related to the form_save() function in Cacti, which lacks proper validation of XML object sequences, allowing a remote attacker to execute arbitrary SQL queries. Some of the data stored by form_save() is later used to concatenate SQL statements in the draw_nontemplated_fields_graph_item() function, resulting in SQL injection.

Recommendations: For versions prior to 1.2.27, update to version 1.2.27 or later, which contains a patch for the issue. As a temporary workaround, consider restricting access to the form_save() function and the draw_nontemplated_fields_graph_item() function in lib/html_form_template.php to minimize the risk of exploitation.

Tags: Exploit · Fix · SQL injection


Related Identifiers

ALT-PU-2023-4394
ALT-PU-2023-4396
ALT-PU-2023-5196
ALT-PU-2024-17822
ALT-PU-2025-1813
BDU:2024-04179
CVE-2024-31458
DLA-3884-1
GHSA-JRXG-8WH8-943X
OPENSUSE-SU-2024:0274-1
OPENSUSE-SU-2024:0276-1
OPENSUSE-SU-2024:13962-1
USN-6969-1

Affected Products

Alt Linux
Cacti
Linuxmint
Ubuntu