Cacti Blind, SQL Injection Flaw, Enables Remote Code Execution

9 January 2024

Cacti, the performance and fault management framework, has been discovered with a blind SQL injection vulnerability, which could reveal Cacti database contents or trigger remote code execution. The CVE for this vulnerability has been assigned with CVE-2023-51448, and the severity has been given as 8.8 (High). This vulnerability existed due to insufficient sanitization of a parameter.

Source: GBHackers

Date:

9 January 2024

Categorie(s):

NEWS

Tag(s):

Blind, Cacti, Cyber Security News, Flaws, Security Pro

Latvian TV Channels Hacked to Broadcast Russian Victory Day Parade11 May 2024
Spike in Layoffs Pose Serious Cybersecurity Concerns11 May 2024
Microsoft Deploys Generative AI for US Spies11 May 2024
PoC Released for Critical PuTTY Private Key Recovery Vulnerability11 May 2024
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT11 May 2024