[npnog] Unauthenticated Command Injection - Cacti
kijush.maharjan at gmail.com
kijush.maharjan at gmail.com
Sun Jan 8 13:19:49 +0545 2023
Hello Everyone,
If anyone is using CACTI as your monitoring tool, then please check the link below. You might need to patch it before its too late.
A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device.
https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf <https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf>
Regards,
Kijush
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.npnog.org.np/pipermail/npnog/attachments/20230108/dcd9282a/attachment.html>
More information about the npnog
mailing list