CVE-2024-54145

Medium CVSS: 6.3

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.

Vendor

Cacti

Product

Cacti

CWE

CWE-89

Yayın Tarihi

2025-01-27 17:15:16

Güncelleme

2025-11-03 21:17:48

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Cacti MEDIUM Cacti 2025

Referanslar

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0 https://github.com/Cacti/cacti/security/advisories/GHSA-fh3x-69rr-qqpp https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

Benzer Kayıtlar

High

CVE-2025-66399

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw i…

High

CVE-2005-10004

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authen…

High

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template paramete…

High

CVE-2025-24367

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation…

Medium

CVE-2025-24368

Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php…

Critical

CVE-2025-22604

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, auth…