A critical-severity command injection vulnerability that is already being exploited in attacks remains unpatched on the majority of Cacti installations exposed to the internet.
Cacti is a front-end application for the data logging tool RRDtool. It is an open-source, web-based network monitoring and graphing tool that provides an operational monitoring and fault management framework. The security flaw combines two weaknesses: an authentication bypass that lets an unauthenticated attacker reach a particular file, and improper argument sanitization while a specific HTTP query for a polling "action" defined in the database is processed.
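The flaw class described above, an HTTP argument reaching a command line without sanitization, is illustrated below beside a hardened handler. This is an added example written for this page, not code from Cacti; the program path, the `poll`/`reindex` action names, the parameter names and the sample input are all constructed for illustration.

```python
"""Vulnerable vs. hardened handling of an HTTP 'action' argument that ends up
on a command line. All names and values are hypothetical (not from Cacti)."""
import re
import shlex

# Hypothetical allowlist of polling actions the handler may dispatch (constructed).
ALLOWED_ACTIONS = {"poll", "reindex"}
# Hostnames and IPv4 addresses only; anything else is rejected before use.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")
POLLER = "/usr/bin/poller"  # hypothetical helper binary


def build_command_unsafe(action: str, host: str) -> str:
    """Vulnerable pattern: untrusted query parameters are interpolated into a
    single shell string, so shell metacharacters in either value change the
    command structure instead of being treated as data."""
    return f"{POLLER} --action {action} --host {host}"


def build_command_hardened(action: str, host: str) -> list[str]:
    """Hardened pattern: validate each value against an allowlist or strict
    pattern, then build an argv list so no shell ever parses the values
    (pass this list to subprocess.run with shell=False)."""
    if action not in ALLOWED_ACTIONS:
        raise ValueError(f"unknown action: {action!r}")
    if not HOST_RE.fullmatch(host):
        raise ValueError("host contains characters outside [A-Za-z0-9.-]")
    return [POLLER, "--action", action, "--host", host]


def shell_tokens(cmd: str) -> list[str]:
    """Tokenise a command string the way a POSIX shell would, treating
    control operators such as ';' and '|' as separate tokens. More tokens than
    the five intended words means the input altered the command."""
    lex = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    return list(lex)


def is_structure_intact(cmd: str, expected_words: int = 5) -> bool:
    """Detection-style check: True only if the string still has exactly the
    intended number of words and no shell control operator."""
    tokens = shell_tokens(cmd)
    return len(tokens) == expected_words and not any(t in ";|&" for t in tokens)


if __name__ == "__main__":
    # Constructed sample input: a host value carrying a shell separator.
    tainted_host = "10.0.0.5; id"
    unsafe = build_command_unsafe("poll", tainted_host)
    print("unsafe string :", unsafe)
    print("tokens        :", shell_tokens(unsafe))
    print("intact?       :", is_structure_intact(unsafe))
    try:
        build_command_hardened("poll", tainted_host)
    except ValueError as exc:
        print("hardened      : rejected ->", exc)
    print("hardened argv :", build_command_hardened("poll", "10.0.0.5"))
```

The hardened version does two independent things: it refuses anything outside the expected vocabulary, and it never hands a string to a shell at all, so even a value that slipped past validation would arrive at the program as a single argument.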
Patches for this vulnerability are included in Cacti versions 1.2.23 and 1.3.0, released on December 5th.