CVE-2022-46169 Scanner
Detects 'OS Command Injection' vulnerability in Cacti affects v. before 1.2.23.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 3 days
Scan only one
Domain, IPv4
Toolbox
-
Cacti is an open-source platform that is widely used to provide operational monitoring and fault management frameworks to its users. This platform is designed to be robust and extensible and is an ideal solution for those who seek easy-to-use and powerful tools. With Cacti, users can monitor and visualize network traffic, system resources, and application performance, among many other things. It is a popular tool for monitoring IT infrastructure, and it offers a wide range of features to its users.
Recently, a vulnerability with code CVE-2022-46169 has been detected in Cacti. This vulnerability is a command injection vulnerability, which allows unauthenticated attackers to execute arbitrary code on a server running Cacti. The vulnerability resides in the 'remote_agent.php' file, which can be accessed without authentication. The vulnerability is triggered when a specific data source is selected for any monitored device, and it allows attackers to bypass authentication and execute arbitrary code.
When exploited, this vulnerability can lead to serious consequences. Attackers can gain unauthorized access to the server running Cacti and execute code, which can compromise the security of the entire IT infrastructure. This can lead to data theft, financial losses, reputational damage, and other severe consequences. Therefore, it is essential to take proper precautions to protect against this vulnerability.
In conclusion, the CVE-2022-46169 vulnerability in Cacti is a severe security threat that can lead to significant damage if exploited. It is crucial to take proper precautions to protect against this vulnerability. s4e.io offers pro features that allow you to easily and quickly learn about vulnerabilities in your digital assets. By using this platform, you can ensure that your IT infrastructure is secure and protected from any potential threats.
REFERENCES
- https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216
- https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9
- https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b
- https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf