A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on vulnerable instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
“Due to a flaw in the multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response,” the project maintainers said in an advisory released this week.
“When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability.”
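The bug class the advisory describes is a parser that trusts the OID half of each SNMP record and lets it flow into a system command. The following is an added example, not Cacti's own code: a hypothetical multi-line SNMP result parser that validates every OID against a strict dotted-decimal shape, reports rejected keys for alerting, and builds any follow-up command as an argv list rather than a shell string. The sample output, the OID pattern and the helper names are constructed for illustration.

```python
import re
from typing import Dict, List, Tuple

# Strict OID shape: optional leading dot, then dot-separated decimal arcs.
# Whitespace, punctuation and shell metacharacters never match.
OID_RE = re.compile(r"^\.?\d+(?:\.\d+)*$")

# Constructed sample of multi-line SNMP output. The third record carries a
# malformed OID of the kind the advisory describes; it must be rejected before
# the OID can become an array key or part of a command.
SAMPLE_OUTPUT = """\
.1.3.6.1.4.1.2021.13.15.1.1.2.1 = STRING: sda
.1.3.6.1.4.1.2021.13.15.1.1.2.2 = STRING: sdb
 mirror
.1.3.6.1.4.1.2021.13.15.1.1.2.3-bogus = STRING: sdc
"""


def parse_snmp_multiline(text: str) -> Tuple[Dict[str, str], List[str]]:
    """Parse snmpwalk-style output into ({oid: value}, [rejected_oids]).

    Whitespace-led lines continue the previous value; a record whose OID fails
    validation is dropped with its continuations and reported for alerting."""
    accepted: Dict[str, str] = {}
    rejected: List[str] = []
    last_oid = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line[0].isspace():
            if last_oid is not None:
                accepted[last_oid] += "\n" + line.strip()
            continue
        oid, sep, rest = line.partition(" = ")
        if not sep or not OID_RE.match(oid):
            rejected.append(oid)
            last_oid = None
            continue
        # Strip the "TYPE:" prefix that net-snmp prints before the value.
        accepted[oid] = rest.split(": ", 1)[1] if ": " in rest else rest
        last_oid = oid
    return accepted, rejected


def build_snmpget_argv(host: str, oid: str) -> List[str]:
    """Build an argv list for a follow-up query (hypothetical helper).
    Re-validates at point of use; pass to subprocess.run() without shell=True."""
    if not OID_RE.match(oid):
        raise ValueError(f"rejected OID: {oid!r}")
    return ["snmpget", "-v2c", "-c", "public", host, oid]
```

Any non-empty rejected list is worth logging as a monitoring alert, since a well-behaved agent never returns OIDs that fail this shape.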
Successful exploitation of the vulnerability could allow an authenticated user with device management permissions to execute arbitrary code on the server, and steal, edit, or delete sensitive data.
CVE-2025-22604 affects all versions of the software prior to and including 1.2.28. It has been addressed in version 1.2.29. A security researcher who goes by the online alias u32i has been credited with discovering and reporting the flaw.
Also addressed in the latest version is CVE-2025-24367 (CVSS score: 7.2), which could allow an authenticated attacker to create arbitrary PHP scripts in the web root of the application by abusing the graph creation and graph template functionality, leading to remote code execution.
With security vulnerabilities in Cacti having come under active exploitation in the past, organizations relying on the software for network monitoring should prioritize applying the necessary patches to mitigate the risk of compromise.