CVE-2023-49085
Published: 22 December 2023
Summary
CVE-2023-49085 is a high-severity SQL Injection (CWE-89) vulnerability in Cacti. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 0.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
Cacti is an operational monitoring and fault management framework that is affected by a SQL injection vulnerability in versions 1.2.25 and earlier. The flaw exists in the pollers.php script and stems from insufficient input sanitization, enabling an authenticated user to inject and execute arbitrary SQL statements, as classified under CWE-89. The issue carries a CVSS 3.1 score of 8.8.
An authorized user with access to the affected script can supply crafted input to pollers.php and achieve arbitrary SQL execution on the underlying database. Public references indicate this can be escalated to remote code execution in practice.
The GitHub security advisory GHSA-vr3c-38wh-g855 and subsequent distribution notices from Debian and Fedora reference the issue, though the original disclosure stated that no patch was available at the time of publication. A proof-of-concept exploit demonstrating remote code execution has been published on Packet Storm.
The associated EPSS score reached a peak of 0.9140 and remains at that level, indicating sustained exploitation interest following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-53100
Vulnerability details
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.