Are you using the popular monitoring tool Cacti? If so, be aware that over 1600 online installations of the tool are vulnerable to a critical issue that has already been exploited by hackers. The vulnerability, tracked as CVE-2022-46169 (9.8 on the CVSS scale), allows an attacker to bypass authentication and execute arbitrary code.
In early December 2022, the developers of Cacti warned of this critical vulnerability, a command injection flaw that can be exploited without authentication. At the time, an update was released to fix the vulnerability, and preventative measures were also provided. The vulnerability affects Cacti 1.2.22 and all earlier versions.
Specialists from SonarSource discovered the issue and have shared a report that includes a PoC exploit and a video demonstration of the attack. Researchers from The Shadowserver Foundation have also observed the first attempts to exploit the bug to deliver malware.
It’s crucial to update to the latest version of Cacti to prevent a potential attack and protect your data. Don’t wait for hackers to exploit the vulnerability on your installation; update Cacti now to keep your data safe.