Security Advisory

CVE-2023-49085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-22 16:13:13

Last updated 2026-02-25 16:34:32

Assigner GitHub_M

State PUBLISHED

Description

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.

← Browse all CVEs View on cve.org ↗