Cacti Crisis: Severe Vulnerability Exploited in the Wild

16 January 2023 [NO.TCSA : 20230116-1-1-P]

PUBLISHED:
16 January 2023

A severe vulnerability in the Cacti open-source web-based monitoring solution, identified as CVE-2022-46169 with a CVSS score of 9.8, is being actively exploited in the wild. The vulnerability, which is a combination of authentication bypass and command injection, allows an unauthenticated user to execute arbitrary code on affected versions of the software. A significant number of internet-exposed Cacti servers have been found to be vulnerable to this exploit.

Affected Versions

  • Cacti versions 1.2.22 and below 

Mitigation

Users are strongly advised to test and upgrade to Cacti version 1.2.23 or 1.3.0 (or later), which have been patched to address this vulnerability. Additionally, it is recommended to regularly monitor the security of your systems and to apply security updates as soon as they become available.
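An added example, not part of the advisory or of the Cacti project: a Python check that sorts an inventory of Cacti version strings against the "1.2.22 and below" range stated above. The host names and version strings are constructed sample data, and how the version string is collected from each server is left to the operator.

```python
import re

# Last affected release according to the advisory ("1.2.22 and below").
LAST_AFFECTED = (1, 2, 22)

# Plain release numbers, optionally with a leading "v" or a single trailing
# letter (older releases were numbered like 0.8.8h).
_RELEASE_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)[a-z]?")


def classify(version_text):
    """Return 'affected', 'patched' or 'unknown' for one version string.

    Anything that is not a plain release number (empty string, '-dev' or
    '-beta' builds, banner text) is 'unknown' so it gets a manual look
    instead of being silently counted as patched.
    """
    match = _RELEASE_RE.fullmatch(version_text.strip())
    if match is None:
        return "unknown"
    # Compare numerically: as strings, "1.2.9" would sort after "1.2.22".
    version = tuple(int(part) for part in match.groups())
    return "affected" if version <= LAST_AFFECTED else "patched"


def triage(inventory):
    """Group host names by status; 'affected' and 'unknown' need action."""
    report = {"affected": [], "patched": [], "unknown": []}
    for host, version_text in sorted(inventory.items()):
        report[classify(version_text)].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "mon-01": "1.2.22",
    "mon-02": "1.2.23\n",
    "mon-03": "1.3.0-dev",
    "mon-04": "0.8.8h",
    "mon-05": "",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:9} {', '.join(hosts) or '-'}")
```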
