Cacti Blind, SQL Injection Flaw, Enables Remote Code Execution

9 January 2024

Cacti, the performance and fault management framework, has been discovered with a blind SQL injection vulnerability, which could reveal Cacti database contents or trigger remote code execution. The CVE for this vulnerability has been assigned with CVE-2023-51448, and the severity has been given as 8.8 (High). This vulnerability existed due to insufficient sanitization of a parameter.

Source: GBHackers

Date:

9 January 2024

Categorie(s):

NEWS

Tag(s):

Blind, Cacti, Cyber Security News, Flaws, Security Pro

US Voters Urged to Use Official Sources for Election Information5 November 2024
Tor and Tails Team Up for Better Online Privacy Protections5 November 2024
Beware of phishing emails delivering backdoored Linux VMs!5 November 2024
Lumifi acquires Critical Insight to boost incident response capabilities5 November 2024
Hackers Deploy CRON#TRAP for Persistent Linux System Backdoors5 November 2024