![Cacti security flaw](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyM0PAO1K325RHKQ4eE9kRzqG01SrVejtvtI_eQn9bTjoHXg0IK4efEEmBxd63TlTyzYPPvefc-T9vThdy2RETMb1eQbn2TyYAqX7CP44EkuUbbT6Jb5BjEz5KcJSdE4ybrxnVCAdaZJLzwC9RsB3XNEo93s8d82lnxgloMT2u8dMxhagjUVl8LLSnvHWa/s728-rw-e365/Cacti.png)
Cacti, the open-source network monitoring and fault management framework, has received fixes for a critical security flaw that allows an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
"Due to a flaw in the multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response," the project maintainers said in an advisory released this week. "When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID is used as a key in an array that is used as part of a system command, causing a command execution vulnerability."
Successful exploitation could permit an authenticated user with device management permissions to execute arbitrary code on the server, and to steal, edit, or delete sensitive data.
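To make the pattern described in the advisory concrete, here is an added illustration in PHP (Cacti's language). It is not Cacti's code: the function names, the sample SNMP lines and the snmpget command are all constructed for the example. It contrasts keying an array by a fragment of an OID taken straight from SNMP output and splicing that key into a shell command, with allowlisting the OID syntax first and quoting the argument with escapeshellarg() as a second layer.

```php
<?php
// Added illustration, not Cacti's code. An SNMP walk returns "OID = TYPE: value"
// lines; a script takes the last arc of each OID as an array key and later
// splices that key into a shell command. Trusting the OID string is the bug.

// Constructed sample output. The second line carries a malformed OID whose
// "last arc" contains shell metacharacters.
$snmp_output = [
    '.1.3.6.1.4.1.2021.13.15.1.1.2.1 = STRING: sda',
    '.1.3.6.1.4.1.2021.13.15.1.1.2.2;id>/tmp/x = STRING: sdb',
];

// Strict OID syntax: optional leading dot, then dotted decimal arcs only.
function is_valid_oid(string $oid): bool
{
    return preg_match('/^\.?\d+(\.\d+)*$/', $oid) === 1;
}

// Unsafe parser: keys the array by whatever followed the last dot.
function parse_unsafe(array $lines): array
{
    $by_index = [];
    foreach ($lines as $line) {
        if (preg_match('/^(\S+)\s*=\s*\S+:\s*(.*)$/', $line, $m)) {
            $index = substr(strrchr($m[1], '.'), 1); // e.g. "2;id>/tmp/x"
            $by_index[$index] = $m[2];
        }
    }
    return $by_index;
}

// Hardened parser: rejects any line whose OID is not well-formed.
function parse_safe(array $lines): array
{
    $by_index = [];
    foreach ($lines as $line) {
        if (!preg_match('/^(\S+)\s*=\s*\S+:\s*(.*)$/', $line, $m)) {
            continue;
        }
        if (!is_valid_oid($m[1])) {
            error_log("dropping malformed OID: {$m[1]}");
            continue;
        }
        $index = substr(strrchr($m[1], '.'), 1); // now guaranteed digits only
        $by_index[$index] = $m[2];
    }
    return $by_index;
}

// Unsafe: the key goes into the command line verbatim, so the malformed
// index above would make a shell run "id" after snmpget.
function build_command_unsafe(string $index): string
{
    return "snmpget -v2c -c public 127.0.0.1 .1.3.6.1.4.1.2021.13.15.1.1.2.$index";
}

// Hardened: re-check the key and quote it even though the parser already did.
function build_command_safe(string $index): ?string
{
    if (!ctype_digit($index)) {
        return null;
    }
    return 'snmpget -v2c -c public 127.0.0.1 '
        . escapeshellarg(".1.3.6.1.4.1.2021.13.15.1.1.2.$index");
}

// Only build the command strings here; nothing is executed.
foreach (array_keys(parse_unsafe($snmp_output)) as $index) {
    echo 'unsafe: ', build_command_unsafe((string) $index), PHP_EOL;
}
foreach (array_keys(parse_safe($snmp_output)) as $index) {
    echo 'safe:   ', build_command_safe((string) $index), PHP_EOL;
}
```

The validation step is what matters: once the parser only accepts dotted-decimal OIDs, the array key can never carry shell syntax, and escapeshellarg() is defence in depth rather than the only barrier.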
CVE-2025-22604 affects all versions of the software prior to and including 1.2.28. It has been addressed in version 1.2.29. A security researcher who goes by the online alias u32i has been credited with discovering and reporting the flaw.
Also fixed in the latest version is CVE-2025-24367 (CVSS score: 7.2), which allows an authenticated attacker to create arbitrary PHP scripts in the application's web root by abusing the graph creation and graph template functionality, resulting in remote code execution.
With security vulnerabilities in Cacti having been actively exploited in the past, organizations that rely on the software for network monitoring should prioritize applying the necessary patches to mitigate the risk of compromise.