PT-2024-6665

Tayfunyelim

Published: 2023-07-13 · Updated: 2025-02-11

CVE ID: CVE-2024-43363

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.28
Description: The issue stems from incorrect handling of generated code in the Cacti network monitoring tool. An admin user can create a device whose hostname contains PHP code; the hostname is written into a log file unescaped (log poisoning), which can potentially lead to Remote Code Execution (RCE). The page states that this can be achieved by completing only step 5 of the installation process. No estimate of the number of potentially affected devices worldwide is provided, and there are no known real-world incidents in which this issue was exploited.
Recommendations: For versions prior to 1.2.28, upgrade to version 1.2.28 or later. As a temporary workaround, restrict access to the log files to minimize the risk of exploitation, and do not accept device hostnames containing PHP code during device creation until the fix is applied.

Exploit · Fix · RCE · Code Injection

Weakness Enumeration

Related Identifiers

ALT-PU-2023-4394
ALT-PU-2023-4396
ALT-PU-2023-5196
ALT-PU-2024-14329
ALT-PU-2024-14440
ALT-PU-2024-17822
ALT-PU-2025-1813
BDU:2024-07867
CVE-2024-43363
DLA-4048-1
DSA-5862-1
GHSA-GXQ4-MV8H-6QJ4

Affected Products

Alt Linux
Cacti